Are  you  vulnerable?  Security  assessment  tools  are 

mushrooming  and  becoming  mandatory  for  some  companies.  PAGE  30. 


Clear  Choice  Test  Inkra's  Virtual  Service  Switch 

tries  to  virtualize  security  functions  for  the  data  center.  PAGE  51. 


The  leader  in  network  knowledge  ■www.nwfusion.com  April  5,  2004  ■  Volume  21,  Number  14 


BRUCE  HERSHEY 


XP  fix  previews  impact  of 
a  more  secure  Windows 


■  BY  JOHN  FONTANA 

When  Microsoft  released  the 
first  public  beta  for  Windows  XP 
Service  Pack  2  a  few  weeks  ago,  it 
knew  the  built-in  security  en¬ 


hancements  could  cripple  some 
corporate  applications. 

Companies  testing  XP  SP2  say 
they  are  seeing  some  of  that, 
but  note  a  more  significant 
See  Windows  XP,  page  12 


SERVER  CONSOLIDATION  IS 
a  major  step  on  the  road  to 
utility  computing.  Here  are 
foot-companies  that  shook  up 
thefribta  centers,  including 
Belkin,  where  Network 
Sendees  Manager  John  Adcock 
^nt  from  11  Sun  servers  to 
^w^A-processor  HP  server. 


John  Adctck,  BELKIN 


voo 


McNealy:  Don't 
dismiss  us  in 
data  centers 


Security 
tools  target 
inside  jobs 


Sun  warned 
us:  You  can 
interview 
CEO  Scott 
McNealy,  but 
don  7  ask 
about  the 
financials, 
which  Sun  said  last  week 
will  include  up  to  an  $810 
million  loss  for  the  latest 
quarter.  We  more  or  less  stuck 
to  technology  and  strategy 
questions,  though  Network 
World  Senior  Editors  Deni 
Connor  and  Jennifer  Mears 
still  managed  to  get  a  rise 
out  of  McNealy 

IBM  is  pushing  on-demand  and 
autonomic  computing.  Oracle  is 
promoting  grid.  HP  is  talking  up 
utility  computing.  What’s  Sun’s 
vision  for  the  new  data  center? 

We’re  shipping  everything  you 
See  McNealy,  page  14 


■  BY  ELLEN  MESSMER 

For  a  decade,  corporations  have 
erected  perimeter  defenses  to 
keep  Internet  attackers  at 
bay.  Now  IT  managers 
are  under  pressure  to 
deal  with  an  even  bigger 
challenge:  keeping  insid¬ 
ers  from  using  the  Internet  to  leak 
valuable  business  data. 

The  problem  has  given  rise  to  a 
new  generation  of  start-ups  —  in¬ 
cluding  Veradsys,  Vericept,  Vidius 
and  Vontu  —  focused  on  secur¬ 
ing  digital  content  and  watching 
where  it  goes. 

The  latest  company  to  enter  the 
market  is  Tablus, which  debuted 
last  month  and  quickly  picked  up 


$7  million  in  venture  capital  from 
Menlo  Ventures.  Tablus  and  the 
other  content-monitoring  ven¬ 
dors  have  gateway-style  products 
that  let  managers  iden¬ 
tify  critical  business 
data,  including  whole 
documents  if  need  be, 
and  track  how  this  data 
is  transmitted  via  e-mail,  FTP  or 
other  means. 

“This  is  a  growing  trend  in 
terms  of  monitoring  employees," 
says  Richard  Mogull,  research 
director  in  information  security 
and  risk  at  Gartner,  which  this 
June  plans  to  issue  its  first  report 
on  the  topic  and  advise  clients 
they  should  be  using  content- 
See  Security,  page  66 


■  New  reports 
signal  a  shift  in 
cybersecurity 
debate.  Page  8. 


A  Wider  Net 

What’s  in  a  code  name? 

Shark  sticks,  Butt-Head  Astronomer  doesn't. 


■  BY  ROBERT  MCMILLAN 

you’ve  just  bought  one  of 
IBM’s  TotalStorage  Enter¬ 
prise  Storage  Servers  and 
happen  to  know  the  right  sales 
representative, you  get  a  unique 
add-on  for  your  new  storage 
array:  a  fin. 

A  shark  fin,  that  is. 


“There’s  an  informal  network 
of  who  you  can  get  the  fin  from,” 
says  John  Power,  the  marketing 
manager  for  the  Enterprise 
Storage  Server,  who  explains  that 
the  shark  fin  is  a  reference  to  the 
product’s  code  name,  Shark. 
“There  are  closets  in  IBM  offices 
all  over  the  world  with  these  fins 
See  Code  names,  page  68 


A  plastic  fin  adds  cachet 
to  the  IBM  Shark  server. 
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Ms.  3,000  Customer 
Web  Servers  Upgraded 
in  Three  Hours 


Microsoft 


Your  potential.  Our  passion. 


"We  have  3,000  servers  at  customer  sites  worldwide. 
My  team  of  four  manages,  monitors,  makes  changes, 
and  does  upgrades  without  leaving  our  desks." 


Saori  Fotenos 

IT  Manager,  Reuters 


Make  a  name  for  yourself  with  Windows  Server  System. 

Microsoft  Windows  Server  System  makes  Reuters 
infrastructure  easier  to  manage.  Here's  how:  In 
the  past,  updating  Reuters  servers  deployed  at 
customer  sites  required  dispatching  a  Reuters 
technician  to  the  customer  site.  But  now,  using 
Windows  Server  2003,  Reuters  can  manage 
everything  remotely,  allowing  them  to  invest 
their  resources  in  new  products  and  added 
services.  It's  software  that  helps  you  do  more  with 
less.  Get  the  full  Reuters  story  and  a  hands-on 
management  tool  at  microsoft.com/wssystem 


Windows 
Server  System 


Windows  Server  System”*  includes  these  products: 


Server  OS 

Windows  Server™ 

Operations  Infrastructure 

Systems  Management  Server 

Application  Center 

Operations  Manager 

Internet  Security  &  Acceleration  Server 

Windows*  Storage  Server 

Application  Infrastructure 

SQL  Server"*- 

BizTalk*  Server 

Commerce  Server 

Content  Management  Server 

Host  Integration  Server 

Information  Work  Infrastructure  Exchange  Server 

Office  SharePoint'”  Portal  Server 
•  Office  Live  Communications  Server 


Vetl70n  wireless 

We  never  stop  working  for  you 
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(SffajS 


Cdt  History 
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Graffiti 


Large  color  screen 


Powerful  Palm  OS’ 
V4.1  software 


Phone/PDA  with 
sleek,  clamshell  design 


Verizon  Wireless  NationalAccess  capable  [^KidDCERS  7135  Smartphone 


Welcome  To  Your  New  Office. 

On  The  Go  E-mail  Access  From  Verizon  Wireless. 

Keep  your  employees  connected  to  important  e-mail,  schedules  and  contacts  with  VZEmaiir  Verizon  Wireless 
now  offers  the  latest  PDAs  and  Smartphones  complete  with  Wireless  Sync.  Making  work  more  productive, 
efficient  and  convenient-even  outside  the  office.  One  more  reason  why,  for  all  your  company’s  wireless  needs, 

we  mean  business. 


Contact  our  business  representatives  at  1.866.899.2862  or  log  on  to  verizonwireless.com. 


Network  not  available  in  all  areas.  ©2004  Verizon  Wireless 
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Inkna’s  1518TX  Virtual  Service  Switch 

Inkra  Networks'  Virtual  Service  Switch  tries  to  manage  multiple  security  functions 
in  one  appliance.  Page  51. 
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disagree.  See  what  they  have  to  say,  then  add  your  thoughts  and  talk  with 
them  in  our  forum.  DocFinder  1453 

Seminars  and  events 


New  secrets  of  effective,  efficient  enterprise 
WANs  to  be  revealed 

How  should  your  network  support  on-demand,  automatic  or  grid  comput¬ 
ing?  What's  the  best  way  to  adopt  Web-enabled  and  service-oriented 
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Who’s  responsible  for  cybersecurity? 


Deep  thoughts 

The  National  Cyber  Security  Partnership  has  issued 
three  reports  in  recent  weeks: 

Improving  Security  Across  the  Software  Development 
Lifecycle 

Released  April  1.  Considers  the  possibility  that  government  action 
might  be  necessary  to  force  software  vendors  to  improve  software 
design.  Also  advocates  improved  education  and  training  programs 
for  software  developers. 


Awareness  for  Home  Users  and  Small  Businesses 

Released  March  18.  Authorizes  September  2004  as  National  Cyber 
Security  Month,  advocates  a  direct-mail  campaign  to  corporate 
executives  and  supports  regional  homeland  security  forums  for  CEOs. 


Cyber  Security  Early  Warning 

Released  March  18.  Calls  for  the  creation  of  an  early-warning  alert 
network  that  would  cut  across  industries  and  provide  information 
needed  to  prevent  attacks,  mitigate  the  impact  of  attacks  and 
remediate  systems. 

Additional  reports  on  technical  standards  and  corporate 
governance  are  due  out  this  month. 

These  reports  are  available  at  www.cyberpartnership.org. 


■  BY  CAROLYN  DUFFY  MARSAN 

WASHINGTON,  D.C.  —  The 
debate  over  whether  corporate 
network  executives  or  their  soft¬ 
ware  suppliers  should  shoulder 
the  burden  for  improving  the 
nation’s  cybersecurity  is  shifting 
direction  as  pressure  mounts  for 
vendors  to  ship  safer  products. 

Until  now,  the  software  industry 
has  placed  most  of  the  responsi¬ 
bility  for  securing  the  nation’s 
information  infrastructure  on  cus¬ 
tomers  of  their  products.  IT  lobby¬ 
ing  groups  have  issued  recom¬ 
mendations  for  corporate  users, 
while  discouraging  new  regula¬ 
tions  for  software  vendors. 

Corporate  executives,  who  find 
their  organizations  vulnerable  to 
viruses  and  other  attacks  despite 
spending  more  of  their  IT  dollars 
on  security  are  fed  up. 

“Until  we  address  some  of  the 
software  issues  —  the  fundamen¬ 
tal  flaws  in  the  software  we  are  all 
using  —  we  are  not  going  to  solve 
the  cybersecurity  problem,”  says 
Marian  Hopkins,  director  of  pub¬ 
lic  policy  for  the  Business  Round¬ 
table,  an  association  of  CEOs  of 
the  nation’s  largest  companies. 

The  Business  Roundtable  says 
it  will  issue  a  set  of  guidelines  on 
cybersecurity  this  month  that 
urges  vendors  to  improve  their 
products. 

Owning  up 

Software  vendors  are  starting  to 
own  up  to  their  responsibilities. 

Last  week,  the  industry  ack¬ 
nowledged  for  the  first  time  in  a 
report  to  the  Bush  administra¬ 
tion  that  the  Department  of 
Homeland  Security  should  exa¬ 
mine  whether  “tailored  govern¬ 
ment  action  is  necessary  to 
increase  security  across  the  soft¬ 
ware  development  cycle.” 

The  recommendations  in  the 
fine  print  of  a  report  by  the 
National  Cyber  Security  Partner¬ 
ship  (NCSP)  say  the  federal  gov¬ 
ernment  should  consider  such 
options  as  “liability  and  liability 
relief,  regulation  and  regulatory 
reform,  tax  incentives,  enhanced 


prosecution,  research  and  devel¬ 
opment,  education  and  other 
incentives.” 

The  umbrella  organization, 
which  includes  the  leadership 
of  the  IT  industry’s  top  lobbying 
groups,  including  the  Business 
Software  Alliance,  recommends 
that  the  Department  of  Home¬ 
land  Security  produce  a  report 
in  2005  that  considers  how  it 
would  be  best  for  the  federal 
government  to  take  action  on 
cybersecurity  while  preserving 
innovation. 

The  NCSP’s  other  recommen¬ 
dations  include:  improving  the 
quality  of  computer  security 
training  at  universities;  develop¬ 
ing  a  software  security  accredi¬ 
tation  program;  creating  best 
practices  for  building  security 
into  software  design;  and  adopt¬ 
ing  guiding  principles  for  patch 
management. 

“Hardware  and  software  ven¬ 
dors  are  responsible  for  paying 
greater  attention  to  secure  prod¬ 
ucts,”  says  Marc  Jones,  chair  of  the 
NCSP’s  enterprise  task  force  and 
CEO  of  network  software  vendor 
Visionael.  “Whenever  possible, 
they  should  be  taking  the  respon¬ 
sibility  off  the  end  user.  That’s  a 
reasonable  request.” 

However,  Jones  warns,  improv¬ 
ing  the  software  development 
process  is  not  easy“There  are  def¬ 
inite  efforts  to  establish  best  prac¬ 
tices  for  the  software  vendors  . . . 
but  that’s  not  an  overnight  activ¬ 
ity?’  he  says.  “And  that  doesn’t 
mean  consumers  or  businesses 
will  adopt  these  new  products 
overnight.” 

Demonstrating  the  pressure  that 
software  vendors  feel  about 
cybersecurity  issues,  Microsoft 
Chairman  and  Chief  Software 
Architect  Bill  Gates  sent  a  letter  to 
corporate  customers  last  week 
outlining  the  software  giant’s 
progress  on  improving  the  secur¬ 
ity  of  its  operating  systems.  He 
cited  recent  and  pending  security 
enhancements  to  Windows  XP 
Service  Pack  2  and  Windows 
Server  2003.  He  also  highlighted 
what  he  called  “significant”  invest¬ 


ments  by  Microsoft  in  four  areas 
of  security:  isolation  and  resilien¬ 
cy;  updating;  quality  and  authen¬ 
tication;  and  access  control. 

“Reducing  the  impact  of  vi¬ 
ruses  and  worms  to  an  accept¬ 
able  level  requires  fundament¬ 
ally  new  thinking  about  software 
quality  continuous  improvement 
in  tools  and  processes,  and  ongo¬ 
ing  investments  in  resilient  new 
security  technologies  designed 
to  block  malicious  or  destructive 
software  code  before  it  can 
wreak  havoc,”  Gates  wrote.“It  also 
requires  computer  users  to  be 
proactive  about  deploying  and 
managing  products.” 

Customer  view 

“Our  clients  demand  that  we 
have  a  high  level  of  security  be¬ 
cause  we  maintain  their  files  and 
documents  here  in  electronic 
form,”  says  Kenji  Miyaji,  manager 
of  IT  operations  for  Pillsbury 
Winthrop,a  New  York  law  firm. 

The  firm  purchased  a  VPN  sys¬ 
tem  and  new  authentication  soft¬ 
ware  last  year  to  improve  the 
security  of  remote-access  ser¬ 
vices  it  provides  to  1,800  users 
worldwide. 

Miyaji  says  the  firm’s  executive 
committee  has  asked  the  IT  de¬ 
partment  to  make  it  a  priority  to 
upgrade  the  firm’s  systems,  ser¬ 
vers  and  networks  with  the  latest 
security  patches  from  Microsoft 
and  others. 

He  says  he’d  like  to  see  software 
vendors  improve  the  speed  at 
which  they  offer  security  patches. 
“The  press  is  faster  than  the  ven¬ 
dors  in  terms  of  releasing  this 
type  of  information.” 

B.  Lee  Jones,  CIO  of  Stratex 
Networks,  says  software  vendors 
need  to  do  more.  “The  main  thing 
that  comes  to  mind  is  the  Micro¬ 
soft  operating  systems.  The  oper¬ 
ating  systems  are  so  large  and  so 
complex  that  there  are  holes.” 

Jones  says  his  No.  1  priority  for 
2004  is  network  security.  That’s 
why  the  San  Jose  manufacturer 
of  wireless  communications  sys¬ 
tems  recently  deployed  a  new 
policy-based  security  system  for 
the  remote-access  services  that 
it  offers  to  300  users  dialing 
into  its  network  from  far-flung 
locations. 

Still,  Jones  says  he  is  wary  of 
federal  government  intervention 
on  cybersecurity  issues.  “The 
pressure  from  the  customers 
should  be  the  guiding  force,”  he 
says.  “It’s  hard  for  me  to  imagine 
how  you  would  legislate  good 


software.  But  it  is  a  good  idea  to 
have  some  guidelines  about  what 
kind  of  compensation  you  might 
be  able  to  look  for  if  there  was 
negligence  on  the  part  of  a  soft¬ 
ware  company  that  caused  losses 
for  your  business.” 

More  companies  like  Stratex 
and  Pillsbury  Winthrop  are  invest¬ 
ing  in  network  security  A  March 
survey  of  100  CEOs  by  the  Busi¬ 
ness  Roundtable  found  that  100% 
of  respondents  had  strengthened 
cybersecurity  since  Sept.  1 1 , 2001 . 
These  companies  have  increased 
security  spending  an  average  of 
10%  since  then. 

“Cybersecurity  is  a  very  impor¬ 
tant  issue  that  requires  CEO  atten¬ 
tion,  and  with  the  increasing  num¬ 
ber  of  attacks  from  viruses  and 
worms,  the  cost  associated  with 
these  attacks  is  growing  exponen¬ 
tially  the  Business  Roundtable’s 
Hopkins  says. 

Network  security  experts  also 
have  pushed  software  vendors  to 
build  better  security  features  into 
their  products. 

The  software  industry’s  focus 
has  been  “to  tell  users  they  have 
to  become  computer  experts, 
which  is  simply  not  feasible,” says 
Alan  Paller,  director  of  research  at 
the  SANS  Institute,  a  Bethesda, 
Md.,  provider  of  network  security 
training.  “The  vendors  are  the 
only  entities  that  can  protect  the 
enterprise.” 

Paller  says  vendors  should  ship 
software  with  security  configura¬ 
tions  turned  on  and  vulnerable 


services  turned  off.  He  also  says 
software  vendors  should  offer 
automatic  update  services  to  de¬ 
liver  software  patches  to  the  busi¬ 
ness  customer  to  disseminate. 

He  recommends  that  corpo¬ 
rate  network  managers  use  their 
buying  power  to  force  software 
vendors  to  ship  products  with 
more  built-in  security  features. 
“The  only  pressure  that  works  is 
money”  he  says. 

The  cybersecurity  debate  prom¬ 
ises  to  remain  in  the  limelight, 
with  new  groups  forming  to  offer 
their  perspectives.  Last  week,  sev¬ 
eral  software  vendors,  including 
VeriSign  and  Internet  Security 
Systems,  announced  that  they 
had  formed  a  group  called  Amer¬ 
icans  for  a  Secure  Internet.  ■ 


\  I  / 


■  THIS  WEEK’S  QUESTION: 

How  did  storage 
start-up  Sepaton  get 
its  name? 


Stumped?  Get  the  answer  online. 

Visit  Network  World  Fusion  and  enter 
2349  in  the  Search  box. 

www.nwfusion.com 


Corrections 


■  A  news  brief  (March  29,  page  6)  incorrectly  named  Dell  in  its  head- 
.  line.  It  should  have  said  "HP  files  patent  suit  against  Gateway." 

■  In  the  review  "OS/X  Panther  10.3  purrs  with  more  management" 
ti  savvy  (March  29.  page  45)  the  upgrade  price  should  have  been  S129. 
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The  more  freedom  you  give  employees  to  work  anywhere,  the  more  you  can  achieve.  That's  good.  But,  at  the  same  time,  the  more  you  expose  yourself  to  intruders  and  worms. 
That’s  not  so  good.  How  far  can  a  network  travel  to  protect  your  office?  Now,  the  answer  is  everywhere.  Cisco  networks,  with  integrated  wireless  security,  protect  mobile  workers 
who  constantly  move  outside  the  safety  of  the  corporate  network.  So  information  is  secured.  No  matter  where  it  exists.  To  learn  more  about  how  Cisco  can  help  plan,  design  and 

implement  your  network  security,  visit  cisco.com/securitynow.  SELF-DEFENDING  NETWORKS  PROTECT  AGAINST  HUMAN  NATURE. 
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Wireless  grabs  spotlight  at  Spring  VON 

New  handsets  drive  discussion  of  VoIP  over  Wi-Fi  and  cellular. 


■  BY  TIM  GREENE 

SANTA  CLARA  —  The  combi¬ 
nation  of  VoIP  over  Wi-Fi  and  tra¬ 
ditional  cellular  phone  services 
made  a  splash  at  last  weeks 
Spring  VON  2004  conference, 
although  observers  say  key  obsta¬ 
cles  need  to  be  cleared  before 
companies  realize  promised 
costs  savings  from  using  these 
technologies  in  tandem. 

Seminars  on  the  technology 
and  booths  displaying  it  drew 


crowds  from  the  3,500  people 
attending  VON,  which  boasted 
135  exhibitors  and  a  waiting  list 
of  another  40. 

Leading  handset  players  Erics¬ 
son,  Motorola  and  Nokia  demon¬ 
strated  combination  wireless 
VoIP/cell  phones,  and  NEC 
announced  its  intentions  to  get 
into  the  market  as  well.  The 
promise  of  such  devices  is  that 
businesses  could  equip  employ¬ 
ees  with  them,  thus  letting  work¬ 
ers  make  calls  over  Wi-Fi  wherev- 


WLAN  protocol  being 
pitched  to  smooth 
interoperability 


■  BY  JOHN  COX 

Two  wireless  LAN  companies 
this  week  will  unveil  a  protocol 
for  controlling  WLAN  access 
points  and  ask  the  IETF  to  con¬ 
sider  it  for  a  standard. 

If  the  aim  for  this  protocol 
sounds  familiar,  it  should:  It’s  the 
same  as  that  addressed  by  Light¬ 
weight  Access  Point  Protocol 
(LWAPP),  which  was  created  by 
a  small  group  of  vendors,  includ¬ 
ing  WLAN  switch  vendor  Aire- 
space.  The  vendors  last  year 
passed  their  work  to  the  IETF  for 
standards  consideration. 

The  proposals  are  aimed  at  set¬ 
ting  standards  for  WLAN  access 
points  and  switches  to  smooth 
interoperability  and  give  cus¬ 
tomers  more  freedom  to  switch 
vendors. 

The  IETF  early  this  year  char¬ 
tered  a  working  group  on  this 
subject,  but  not  to  write  a  proto- 


More  online! 


Attend  Wireless  LANs:  Gaining  Strength, 
Reaching  Farther,  a  new  Network  World 
Technology  Tour  event.  It  brings  together 
the  intelligence,  innovations  and  solutions 
you  need  to  move  forward. 
DocFinder:  9932 


col.  Instead,  the  Control  and 
Provisioning  of  Wireless  Access 
Points  (CAPWAP)  group  is  focus¬ 
ing  on  analyzing  current  models 
of  WLAN  access  points  and  how 
they  connect  to  the  network  or 
other  access  points  to  forward 
traffic,  and  how  switches  or  other 
network  elements  control  them. 

Those  models  include  stand¬ 
alone  —  or  fat  —  access  points, 
and  thin  access  points,  which 
shift  many  of  their  functions  to  a 
WLAN  switch  or  access  con¬ 
troller.  CAPWAP’s  work  could 
lead  to  an  architectural  proposal 
and  protocol  development.  The 
group’s  initial  document  is  due 
in  July 

The  scheme  being  introduced 
this  week  is  called  the  CAPWAP 
Tunneling  Protocol  (CTP),and  it 
is  currently  in  beta  test.The  back¬ 
ers  are  Chantry  Networks,  a 
WLAN  switch  vendor,  and 
Propagate  Networks,  which  has 
software  that  runs  on  WLAN  gear 
to  create  self-organizing  radio 
networks. 

CTP  covers  a  broader  spec¬ 
trum  than  LWAPPwhich  focused 
on  802.11,  says  Bob  Myers, 
Chantry  co-founder  and  CTO. 
“We  want  to  support  different 
radio  technologies  at  the  edge  of 
the  net,”  he  says. 

Other  differences  in  CTP 
include  a  way  for  access  points 
and  switches  to  swap  informa¬ 
tion  about  their  features  and 
capabilities  as  well  as  support 
for  any  topology  such  as  direct 
connections.  ■ 


- \ 

Give  me  VoIP 

Companies  considering  voice-over-Wi-Fi  LANs  say  their 
decisions  will  be  made  based  on  several  key  factors. 


Factor  (Percentage  who  say  this  factor  is  very  important) 


Impact  on  Ability  to  Provable  cost  Ability  to 

overall  network  assure  quality  benefits  integrate  with  the 
performance  of  service  public  phone 

network 

SOURCE:  INFONETICS  RESEARCH 
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er  internal  or  public  hot  spots  are 
available  and  via  cellular  in  other 
places. 

Companies  could  save  money 
by  running  the  Wi-Fi  networks 
themselves  and  only  paying  carri¬ 
ers  for  cellular  service. 

“This  can  empower  the  enter¬ 
prise  in  a  coming  turf  battle  over 
who  will  be  the  wireless  service 
provider  within  the  enterprise,” 
said  Jeff  Pulver,  president  and 
CEO  of  Pulver.com,  the  show’s 
organizer. 

The  biggest  savings  could  come 
from  slashing  the  number  of 
intra-company  cell  phone  calls, 
which  currently  make  up  about 
60%  of  all  such  cellular  business 
calls,  Pulver  says.  But  it  has  not 
been  determined  whether  cus¬ 
tomers  will  essentially  run  their 
own  VoIP-over-Wi-Fi  networks  or 
hand  over  that  job  to  carriers, 
which  could  offer  any  combina¬ 
tion  of  services,  such  as  cellular 
service  plus  Wi-FI  access  inside  or 
outside  of  customer  sites. 

Show  speakers  said  the  realiza¬ 
tion  of  the  benefits  of  hybrid  wire¬ 
less  phone  systems  is  still  years 
away,  as  kinks  remain  to  be 
worked  out  in  VoIP  overWi-Fi. 

Key  among  the  challenges  is 
guaranteeing  quality  of  service 
(QoS)  on  calls,  especially  when 
end  users  are  moving  from 
access  point  to  access  point.  The 


industry  has  determined  that 
latency  for  the  entire  connection 
between  handsets  cannot  be 
greater  than  50  millisec,  but  just 
switching  a  call  from  one  access 
point  to  the  next  takes  hundreds 
of  milliseconds. 

“The  handoff  is  good  enough 
for  data,  but  it’s  not  good  enough 
for  voice,”  says  Alain  Mouttham, 
CEO  of  SIPquest,  which  makes 
software  for  SIP  servers  and  appli¬ 
cations. 

LAN  switches  and  IP  service 
providers  also  need  to  get 
involved  to  support  the  same  QoS 
scheme,  says  Bob  Jordan,  vice 
president  of  marketing  for  wire¬ 
less  LAN  company  Strix  Systems. 

Currently  VoIP  over  WiFi  is  used 


mainly  by  residential  customers 
who  have  VoIP  phone  services 
and  a  wireless  LAN  and  want  a 
portable  handset,  says  Kevin 
Mitchell,  an  analyst  with  Info- 
netics  Research. 

Vendors  say  VoIP  over  Wi-Fi  ini¬ 
tially  has  promise  in  medical 
institutions,  warehouses  and 
other  business  settings.  ■ 


More  from  VON  online 


■  Read  about  AT&T’s  lat¬ 
est  VoIP  offering,  chatter 
about  VoIP  regulations 
and  a  new  open  source 
effort  at  www.nwfiision 
.com,  DocFinder:  1448. 


IBM  becomes  new  Candle  holder 


■  BY  DENISE  DUBIE 

IBM,  in  an  effort  to  expand  its  management  soft¬ 
ware  arsenal,  last  week  snapped  up  longtime  partner 
and  sometime  competitor  Candle  for  an  undis¬ 
closed  sum. 

Candle,  a  privately  held  company  formed  in  1976, 
is  best  known  for  its  mainframe  system  management 
and  analysis  tools,  although  it  also  offers  software  for 
managing  distributed  applications,  systems  and  mid¬ 
dleware  programs,  such  as  those  in  IBM’s  DB2, 
WebSphere  and  MQ  portfolios. 

Robert  LeBlanc,  general  manager  for  Tivoli 
Software  at  IBM, says  Candle’s  software  will  fill  gaps 
in  IBM’s  product  line,  such  as  in  performance  and 
availability  management  on  high-end  zSeries 
machines.  Candle  technologies  are  expected  to  be 
integrated  across  IBM’s  software  divisions:  DB2, 
Lotus,  Rational, Tivoli  and  WebSphere. 

LeBlanc  did  not  say  if  any  overlapping  Candle  and 
Tivoli  products  would  be  discontinued  once  the 
merger  is  final,  which  is  expected  to  happen  by 
midyear. 

Andy  Mullins,  president  and  COO,  says  Candle 


either  had  to  embark  on  a  huge  growth  plan  or  get 
acquired  to  thrive  in  what’s  become  an  increas¬ 
ingly  competitive  market  among  data  center  prod¬ 
uct  suppliers. 

Candle  found  success  in  the  early  1980s  with  its 
Omegamon  suite  of  mainframe  management  soft¬ 
ware  products.  In  2002,  the  company  introduced 
PathWAI,  software  and  consulting  packages  aimed 
at  helping  customers  design,  test,  deploy  and  man¬ 
age  Web  server  and  middleware  infrastructures. 

The  acquisition  isn’t  surprising  in  light  of  the  fact 
that  there’s  still  good  money  to  be  made  in  main¬ 
frame  management, says  Jasmine  Noel, a  principal  at 
Ptak,  Noel  &  Associates. 

“Competition  is  becoming  extremely  fierce,  and 
the  goal  is  to  grab  as  much  market  share  as  possi¬ 
ble.  Since  the  cost  of  switching  customers  is  incred¬ 
ibly  high,  it’s  easier  to  buy  the  competition,”  she 
says. 

Other  potential  acquisition  targets  in  the  man¬ 
agement  software  market  include  companies  such 
as  ASG,  Compuware  and  Heroix,  while  vendors 
such  as  BMC  Software  and  Computer  Associates 
are  possible  buyers,  Noel  says.  ■ 


HP  ProCurve  Networking  vs.  3Com  and  Cisco 

Cost-of-ownership  comparision*  for  layer  3  mid-size  solution 


With  HP  ProCurve  Networking  solutions,  you  can  afford  to  build  secure,  mobile,  multiservice  networks. 

That's  because  a  recent  third-party  study  comparing  HP  ProCurve  Networking,  3Com  and  Cisco  layer  3  solutions  found  that  HP  ProCurve  offered 
the  most  cost-effective  option  over  three  years  of  ownership!  HP  ProCurve  also  offers  an  industry-leading  lifetime  warranty."  Along  with  dedicated 
worldwide  support  resources.  Like  software  updates  for  the  life  of  the  product  and  free  phone  and  Web  support.  And  as  usual,  HP  ProCurve 
products  are  engineered  with  legendary  HP  quality  and  reliability. 


HP  ProCurve  switch 
5300x1  SERIES 

Provides  secure  access  to  business  assets  as  well  as 
Gigabit  performance  to  the  edge  of  the  network. 

Increases  productivity  across  a  mobile  workforce  with 
appropriate  network  access  control. 

I  Converges  communications  with  simplified,  feature-rich 
multiservice  capabilities. 


invent 


To  learn  more  about  how  we  can  deliver  affordable  networking  solutions,  register  to  receive  the  Info-Tek 
cost-of-ownership  comparison  paper  at  www.hp.com/learn/procurve. 


‘All  prices  from  HP,  3Com  and  Cisco  were  independently  obtained  in  September  2003  by  Info-Tek  Research  using  U.S.  Internet  shopping  sites  (a  study  commissioned  by  HP).  Cost-of-ownership  totals  for  3Com  and  Cisco  include  charges  for  services  and  support. 
The  HP  ProCurve  solution  includes  in  the  purchase  price  an  equivalent  level  of  services  and  support  for  as  long  as  you  own  the  products.  "For  as  long  as  you  own  the  product  (available  in  most  countries).  ©2004  Hewlett-Packard  Development  Company,  L.P 
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A  failure  to  communicate? 

Microsoft  has  issued  a  list  of  components  or  services  that 
could  falter  after  the  installation  of  Windows  XP  Service 
Pack  2,  which  includes  a  firewall  that  is  turned  on  by  default. 
The  firewall  blocks  any  incoming  communication  that  the 
client  has  not  solicited. 


Windows  XP 

continued  from  page  1 

development:  Corporate  users 
will  have  to  change  the  way  they 
develop  applications  and  build 
networks  to  compensate  for  the 
security  changes  Microsoft  is 
making  to  its  desktop  and  server 
operating  systems. 

“The  more  secure  the  [operating 
system] ,  the  harder  it  is  to  use;  it’s 
always  a  trade-off,”  says  Tom 
Gonzalez,  senior  network  admin¬ 
istrator  for  the  Colorado  State  Em¬ 
ployees  Credit  Union  in  Denver. 

With  XP  SP2,  most  of  the  trade¬ 
offs  revolve  around  the  built-in 
Internet  Connection  Firewall 
(ICF),  which  is  turned  on  by 
default  and  will  disrupt  commu¬ 
nication  for  existing  applications, 
such  as  remote  administration 
and  patch  management  tools, 
performance  monitors  and  other 
programs  that  communicate  over 
file-  and  print-sharing  channels, 
hard  drive  shares  that  operate 
over  specific  ports,  and  peer-to- 
peer  and  file-sharing  programs. 

New  security  restrictions  placed 
on  Remote  Procedure  Call  (RPC) 
and  Distributed  Component  Ob¬ 
ject  Model  (DCOM)  services, 
which  are  often  exploited  by 
worms  and  viruses,  also  could 
choke  existing  applications.  New 
memory-protection  features, 
which  will  stifle  code  generated 


by  just-in-time  compilers,  could 
do  the  same. 

Companies  are  paying  atten¬ 
tion  and  conducting  thorough 
testing  to  avoid  problems.  Users 
can  configure  the  firewall  to 
accommodate  specific  applica¬ 
tions,  open  needed  ports  or  turn 
the  firewall  off  completely  They 
also  can  centrally  manage  fire¬ 
wall  settings  using  Microsoft’s 
Group  Policy  Objects  feature  in 
Active  Directory 

But  given  the  range  of  applica¬ 
tions  in  any  given  company  it 
won’t  be  easy 

“We  have  1,800  applications 
and  if  you  change  something 
there  is  a  chance  that  something 
can  go  wrong,”  says  Mike  Mc¬ 
Caffrey,  operating  systems  manag¬ 
er  for  engineering  company 
Bechtel  in  San  Francisco.  Mc¬ 
Caffrey  says  SP2  is  not  a  big  issue 
now  because  Bechtel  has  not 
migrated  many  desktops  to  XR 
but  he  expects  rigorous  testing 
will  mean  a  long  deployment 
cycle. 

The  credit  union’s  Gonzalez  is 
aware  of  the  SP2  issues  but  is  not 
fretting.  He  will  turn  off  ICF 
because  the  credit  union  already 
has  desktop  firewalls  in  place.  He 
says  DCOM  and  RPC  changes  are 
not  a  big  risk  because  his  finan¬ 
cial  applications  were  designed 
with  security  in  mind. 

“DCOM  and  RPC  should  al¬ 


ready  have  been  taken  care  of  by 
people  who  care  about  security 
in  their  applications,”  says  a  soft¬ 
ware  configuration  manager  for 
a  large  consulting  firm,  who 
asked  not  to  be  identified. 

The  manager  says  he  isn’t  wor¬ 
ried  about  the  effects  of  RPC  and 
DCOM  changes  after  testing  his 
applications  against  SP2.  “I  sup¬ 
pose  a  few  things  might  still 
break,  but  we  will  go  back  and  fix 
them,”  he  says. 

As  for  ICR  he  will  not  use  it  to 
replace  his  Zone  Labs  desktop 
firewall  because  he  feels  ICF  is 
not  enterprise  ready.“Its  lack  of  re¬ 
porting  tools  and  outbound  filter¬ 
ing  make  it  undesirable,”  he  says. 

Microsoft  didn’t  include  the 
outbound  filtering  because  it 
would  have  caused  even  more 
problems  for  applications, 
according  to  Patrick  Hynds,  CTO 
for  CriticalSites,  a  custom  appli¬ 
cation  development  firm  in 
Burlington,  Mass.  Microsoft 
made  other  concessions,  includ¬ 
ing  not  restricting  RPC  clients 
that  use  its  named  pipe  protocol 
sequence.  This  also  would  have 
caused  significant  backward- 
compatibility  problems,  the 
company  says. 

“Microsoft  has  to  keep  these 
security  improvements  from  be¬ 
coming  a  backward-compatibil¬ 
ity  issue,”  Hynds  says.  He  says  he 
thinks  it  will  succeed.  “The  SP2 
issues  are  not  exactly  as  hyped  as 
Y2K,  but  they  will  have  the  same 
impact,”  he  says.  In  2000,  gloomy 
Y2K  predictions  ended  with  a 
whimper. 

Hynds  says  the  real  enduring 
impact  might  be  “preventing  peo¬ 
ple  from  being  terminally  naive 
about  security’ 

“I  can’t  say  what  percentage  of 
applications  will  be  affected,  but 
we  know  we  will  affect  certain 
categories  of  applications,”  says 
Tony  Goodhew,  a  product  man¬ 
ager  in  Microsoft’s  developer 
division. 

The  debugging  feature  in  Mi¬ 
crosoft’s  Visual  Studio.Net  devel¬ 
opment  tool  is  one  break  point. 
The  company  is  providing  a 
workaround  until  Visual  Studio 
2005  ships,  but  versions  before 
Visual  Studio  2002  will  not  be 
upgraded.  Microsoft  also  will 
issue  upgrades  to  its  .Net  Frame¬ 
work  to  support  new  memory- 
protection  features. 
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Client  scenario: 

Desktop  is  managed. 

Firewall  blocks  these 
components  or  capabilities: 

Agents  that  use  SNMP. 

Use  ofWindows  Management 
Interface. 

Remote  management 
features  using  Netsh  ora 
Microsoft  Management 
Console  snap-in. 

Use  of  XP's  Remote 
Assistance  and  Remote 
Desktop. 

Desktop  management  soft¬ 
ware  that  relies  on  infor¬ 
mation  being  pushed  out 
from  a  management  station. 


Spreading  the  word 

In  the  meantime,  the  company 
continues  its  relentless  security 
public  relations  campaign.  Last 
week,  Chief  Software  Architect 
Bill  Gates  distributed  an  open  let¬ 
ter  outlining  Microsoft’s  progress 
on  its  newfound  security  commit¬ 
ment.  Microsoft  also  has  been 
spreading  the  word  about  SP2  by 
issuing  a  white  paper  in 
December  and  posting  online 
training  courses  for  developers  in 
February  Over  the  next  few 
months  it  will  offer  a  Webcast  and 
host  training  sessions  at  its 
TechEd  conference. 

Microsoft’s  changes  are  needed 
to  improve  security  in  its  operat¬ 
ing  system,  according  to  McCaf¬ 
frey  Gonzalez,  Hynds  and  others. 

“This  might  be  the  point  we 
look  back  on  and  say  that  is  when 
Microsoft  started  to  treat  the 
client  as  a  mission-critical  utility’ 
says  Peter  O’Kelly  an  analyst  at 
Burton  Group. 

However,  that  transition  will 
have  rough  spots,  he  says.  Be¬ 
cause  it  will  be  hard  to  test  all  cor¬ 
porate  applications  for  compati¬ 
bility  with  SP2,  companies  will 
simply  have  to  react  as  applica¬ 
tions  break. 

‘As  Microsoft  flips  the  defaults, 
we  will  have  to  work  harder,”  says 
Eric  Schultze,  chief  security  archi¬ 
tect  at  Shavlik  Technologies, 
which  develops  patch  manage¬ 
ment  tools  that  will  be  affected  by 
ICFThe  company  plans  to  release 


Client  scenario: 

Desktop  acts  as  a  server. 

Firewall  blocks  these  operating 
system  services: 

Internet  Information  Services. 

File  and  printer  sharing. 

Message  queuing. 

SimpleTCP/IP  services. 

Print  services  for  Unix. 

Client  scenario: 

Desktop  acts  as  a  listener. 

Firewall  blocks 

these  listening  components: 

Universal  Plug  and  Play. 

Routing  Information  Protocol 
Listener. 

Incoming  Connections. 
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documentation  to  help  users  con¬ 
figure  ICF  to  work  with  their  tools. 

The  cascade  of  security 
changes  also  will  affect  the  way 
companies  approach  Windows 
Server. 

“Microsoft  is  definitely  chang¬ 
ing  the  landscape,”  says  Jon  Box, 
senior  architect  for  Quilogya  pro¬ 
fessional  services  firm  in  St. 
Charles,  Mo.  “Developers  and  sys¬ 
tems  administrators  will  have  to 
take  some  more  time  to  figure 
things  out.” 

The  final  release  of  XP  SP2  is 
expected  to  emerge  this  sum¬ 
mer,  and  be  followed  by  the 
delivery  of  Service  Pack  1  for 
Windows  Server  2003,  which  will 
incorporate  server-specific  secu¬ 
rity  features  found  in  XP  SP2. 
Microsoft  also  is  creating  server 
security  guidelines  for  legacy, 
enterprise  and  high-security  con¬ 
figurations  for  settings  such  as 
passwords  and  accounts  that 
will  force  users  to  closely  evalu¬ 
ate  and  test  changes. 

“The  higher  the  settings,  the 
more  chance  you  have  to  break 
applications,”  says  Dan  Blum,  an 
analyst  with  Burton  Group.“Enter- 
prises  will  have  to  start  doing  risk 
analysis  for  applications  and  see 
how  safe  it  is  to  unlock  [operating 
system]  features  as  opposed  to 
how  much  it  will  cost  to  rewrite 
applications.”  ■ 

Get  more  information  online. 
DocFinder  1449 
www.imfiisioa.com 


Vendors  readying 
InfiniBand  switches 

■  BY  JENNIFER  MEARS 

InfiniBand  switch  vendors  Top- 
spin  Communications  and  Voltaire 
today  are  expected  to  announce 
switches  that  expand  their  prod¬ 
uct  lines  to  support  bigger  clus¬ 
tered  systems.  The  companies  say 
the  moves  will  breathe  new  life 
into  the  high-speed  I/O  switching 
fabric  technology  that  failed  to 
take  off  as  initially  expected. 

Voltaire, which  offered  the  indus¬ 
try’s  largest  InfiniBand  switch  with 
96  ports, says  it  will  unveil  a  model 
that  will  support  up  to  288  10G 
bit/sec  InfiniBand  connections  or 
96  30G  bit/sec  links.  The  14U  ISR 
9288  is  slated  to  be  available  in  the 
third  quarter  and  will  be  priced  at 
about  $700  per  port,  a  drop  from 
the  $1,000  per  port  its  96  port  ISR 
9600  now  goes  for. 

As  forTopspin,  it  plans  to  announce  the  Topspin  270,  which  will  sup¬ 
port  up  to  96  10G  bit/sec  InfiniBand  connections  or  up  to  32  20G 

See  InfiniBand,  page  66 


Voltaire's  ISR  9288  is  a  modular 
InfiniBand  switch  that  can  scale 
to  288  ports.  The  device  is  shown 
configured  with  240  InfiniBand 
ports  and  two  shelves  with 
InfiniBand-to-Fibre  Channel 
routers  for  SAN  connectivity. 


Client  scenario: 

Desktop  acts  as  a  peer. 

Firewall  blocks  these  operations: 

Third-party  peer-to-peer 
networking  application. 
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U.S.  Robotics  100Mbps 
802.11  g  Wireless  Turbo  Router 


hp  procurve  switch  2824 


3Com  Router  3016 


•  Faster  speed,  greater  compatibility, 
better  security 

•  Compatible  with  all  54Mbps 
802.11  g,  22Mbps  and  11  Mbps 
802.11b  wireless  products 

•  Ideal  for  sharing  high-speed  Internet 
access  for  multiple  users 


Feature-rich,  affordable  WAN  access 
router  for  remote  offices 
Built-in  support  for  converged  voice, 
data,  and  video  as  well  as  the  latest 
security  and  control  features  to 
ensure  efficient  and  secure 
network  operation 
Advanced  QoS  and  traffic 
management  capabilities  for 
converged  voice,  data,  and  video 


•  Migrating  to  Gigabit  switches  will 
allow  you  to  take  full  advantage  of 
your  existing  high-performance, 
Gigabit-enabled  PCs,  notebooks 
and  servers 

•  20-port  10/100/1000BASE-T  (RJ-45) 
Gigabit  Ethernet  managed  stackable 
rack-mountable  switch  with 

4  dual-personality  ports 

•  Seamlessly  protect  your  existing 
network  investment  while  preparing 
for  future  growth 


3Com 


CDW  491051 


CDW  547509 


CDW  530935 
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put  in  a  data  center  except  for 
the  floor  tiles,  walls,  ceiling,  air 
J  conditioning  and  the  network 
that  comes  in. We  offer  refer- 
|  ence  architectures  to  help  you 
f  solve  a  particular  data  center 
I  problem,  whether  that  be  3  mil- 
|  lion  e-mail  boxes  as  a  service 
f  provider,  or  an  SAP  reference 
|  architecture  to  run  your  ERPor 
|  a  data  warehouse  using  Sybase. 
What  we  want  to  be  known  for 

I  is  the  best  infrastructure  to  run 
your  Web  services  on.  We  want 
to  be  known  for  innovation.  We 
want  it  to  be  known  that  every 
one  of  our  user-visible  inter¬ 
faces  is  open  and  adopted  by 
some  or  all.  Name  one  propri¬ 
etary  interface  at  Sun.  1  chal¬ 
lenge  you. 

You  talk  about  how  Sun  wants  to  do 
the  car,  not  the  pieces.  Is  the  com¬ 
pany's  N1  Grid  that  car? 

You  can  buy  our  piston  ring,  a 
1 U  x86  box  or  a  storage  array 
We’ll  play  the  piece-part  game  if 
you  want  to  do  assembly  and 
customize.  We’ll  offer  profession¬ 
al  services  to  help  you  put  it  all 

I  together,  or  we’ll  assemble  it  in 
our  factory  for  you.  In  terms  of 
doing  the  car,  what  does  N1 
have  to  do  with  it?  N 1  is  the 
control  panel  for  virtualization 
and  provisioning  of  those  ser¬ 
vices  so  that  you  can  turn  all  of 
the  equipment  across  data  cen¬ 
ters  into  a  virtual  single  com¬ 
pute  infrastructure  that  can 
dynamically  and  easily  reallo- 
ggj  cate  resources  to  the  jobs  that 
have  the  highest  priority  or 
|  need  the  resources  the  most. 

It  looks  like  you  have  a  few  different 
virtualization  engines,  one  for  sys¬ 
tems,  one  for  storage  and  another 
for  networks.  Are  you  moving 
toward  a  converged  system? 

The  N1  control  panel  will 
make  all  of  that  invisible.  It  fas¬ 
cinates  me  that  if  you  were  sit- 
1  ting  down  with  [Ford  Motor 
|  Chairman]  Bill  Ford, you 
S  wouldn’t  be  asking  him  about 
a  the  transactional  rack  and  pin¬ 
ion  whatever  hoochamajiggie 
ij  with  the  dual  overhead  cam 
whatchamacallit.Yet  nobody 
I  ever  wants  to  talk  with  me 
\  about  our  digital  asset  manage- 
I  ment  architecture  or  our  infi¬ 
nite  mailbox.They  all  want  to 
talk  about  the  crankshaft,  and  1 
1  find  it  fascinating.  Because  Bill 
r  Gates  has  forced  us  all  to 


become  computer  scientists, 
we  all  want  to  know  about  the 
gizzards  and  innards. 

You  made  a  number  of  acquisitions 
in  the  past  year:  CenterRun, 
Nauticus,  WaveSet.  How  do  they  fit 
into  N1? 

WaveSet  and  a  bunch  of  the 
other  acquisitions  are  part  of 
our  Java  Web  services  stack,  the 
platform  on  which  you  write 
and  launch  executable  content 
and  Web  services  content 
through  a  portal.  N1  is  where 
stuff  like  Pirus,  CenterRun  and 
TerraSpring  come  in. They  are 
all  about  virtualizing  and  provi¬ 
sioning  CPUs,  disk  drives,  switch¬ 
es  and  services. 

Sun  spent  16%  of  its  revenue  on 
research  and  development  last 
year,  a  number  some  financial  ana¬ 
lysts  criticized  as  being  relatively 
high.  Is  this  investment  paying  off? 

Sixteen  percent  is  high  by  his¬ 
torical  standards,  but  I  have  not 
yet  had  a  customer  say  shame 
on  us  for  doing  all  that  great 
invention  and  innovation.  We’ve 
got  a  very,  very  strong  cash 
position.  In  the  last  two  years, 
we’ve  completely  redone  our 
entire  product  line  with  Solaris 
10,UltraSparc  IV,  UltraSparc  Illi, 
our  Opteron  products  with 
Kealia,  as  well  as  the  current 
stuff  we  have.The  v20z,the  x86 
Xeon  3GHz-plus  machine,  the 
entire  Java  Enterprise  System,  a 
whole  new  tools  strategy  led  by 
[Java  inventor]  James  Gosling 
and  then  the  N1  strategy. You 
put  all  those  pieces  together 
with  our  managed  services 
efforts  and  we  have  a  com¬ 
pletely  re-energized,  retooled 
product  line. 

As  far  as  being  open,  how  do  you 
feel  about  expanding  from  the  pro¬ 
prietary  Sparc  architecture  to  Intel 
or  Advanced  Micro  Devices 
machines? 


More  online! 


Network  World's  latest  free  event, 
Masterminding  the  New  Data  Center, 
focuses  on  the  storm  to  consolidate 
servers,  storage  and  apps  in  creating 
the  new  data  center.  Sign  up  online 
to  attend. 
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What  is  proprietary  about 
Sparc?  Would  you  at  least 
explain  to  your  readers  that  it  is 
an  open  chip  interface  that  any¬ 
body  can  innovate  to?  There  are 
multiple  other  people  imple¬ 
menting  Sparc  microprocessors 


out  there.  So  it’s  not  proprietary 
But  the  beauty  of  Web  services 
protocols  and  APIs  like  HTML  is 
that  it  doesn’t  matter  what 
microprocessor  or  operating 
system  you  are  viewing  an 
HTML  page  from,  does  it?  You 
can  do  it  from  your  cell  phone 
or  your  PC  or  your  Mac  or  your 
Sun  workstation,  or  from  a  PDA 
or  from  a  set-top  box.  It’s  write 
once,  render  anywhere. 

And  with  Java  runtimes  every¬ 
where,  you  can  create  exe¬ 
cutable  content  and  execute 
that  on  any  microprocessor 
operating  system.  It  allows  peo¬ 
ple  who  write  to  the  Java 
Enterprise  System  to  do  static 
and  nonstatic  content  and  run 
it  on  a  portfolio  of  microproces¬ 
sor  architectures  and  imple¬ 
mentations  without  having  to 
change  one  bit  of  their  user 
interface. 

With  N1  they  don’t  have  to 
change  their  network  adminis¬ 
tration  and  systems  manage¬ 
ment,  and  with  Java  they  don’t 
have  to  rewrite  their  applica¬ 
tions.  Some  day  the  customer  is 
not  even  going  to  know  [what 
microprocessors  they’re  using] . 
Do  you  know  there  are  about 
100  microprocessors  in  your 
automobile  today?  How  many 
of  them  can  you  name?  How 
many  of  the  operating  systems 
[on  them]  can  you  name,  and 
does  it  matter  to  you? 

Do  you  expect  the  Sparc  machines 
to  complement  your  Intel  and  AMD 
machines,  or  do  you  see  over  time 
migrating  from  one  to  another? 

There  will  always  be  different 
kinds  of  loads  placed  upon  the 
Web  services  infrastructure. 
Some  will  require  64-bit;  some 


will  require  32-bit;  some  will 
require  high  clock  rates;  others 
will  require  absolute  failover 
and  retry  and  other  kinds  of 
availability  measures. There  will 
be  all  kinds  of  different  parts  of 
that  infrastructure  that  will 


require  different  load  optimiza¬ 
tion,  and  there  will  be  no  one 
chip  or  no  one  architecture 
that  will  provide  all  of  the  gen¬ 
eral-purpose  and  specific  capa¬ 
bilities  that  a  Web  infrastruc¬ 
ture  would  want  to  offer.  So 
we’ll  use  whatever  engine  and 
just  bury  it  into  that  infrastruc¬ 
ture  in  a  way  that  the  customer 
doesn’t  have  to  deal  with  it  and 
they  won’t  have  to  rewrite  their 
applications. 

Sun  has  made  a  big  push  into  low- 
end  servers,  and  often  the  effort 
seems  to  be  to  undercut  Dell.  Does 
Sun  have  the  cost  structure  to  sus¬ 
tain  this  game? 

A  1U  Dell  Wintel  box  is  to  Web 
services  delivery  what  a  piston 
ring  is  to  transportation.  If  they 
threw  a  little  Dell  server  on  your 
desk,  you’d  be  about  as  close  to 
delivering  a  reliable,  scalable 
usable  Web  service  as  if  I  threw 
a  piston  ring  on  your  table  and 
said  drive  to  Chicago.  We’re  not 
in  the  AutoZone  business.  We’re 
not  in  the  car  parts  distribution 
business.  We  can  do  that  as  well 
as  anybody  But  that’s  not  what 
our  core  is  about.  We’re  in  the 
systems  business. 

So  when  you  look  at  putting 
all  of  the  pieces  together  —  the 
edge  servers,  the  back-end 
servers,  the  storage,  the  switches 
and  load  balancers,  the  cluster¬ 
ing  software  and  N 1 ,  the  ser¬ 
vices  and  support,  the  applica¬ 
tions,  tuning,  loading  and  con¬ 
figuration,  the  upgrading  and 
remote  monitoring  and  all  the 
rest  —  we  can  put  all  that 
together,  and  we  are  the  low- 
cost  producer  in  terms  of  deliv¬ 
ering  a  complete,  assembled 
environment.  There  are  a  lot  of 


folks  out  there  that  think  it’s 
cheaper  to  go  out  and  buy  the 
piston  ring,  the  camshaft,  the 
carburetor  and  the  engine  block 
and  get  all  of  the  pieces  cheaper 
than  you  can  buy  a  complete 
engine.  But  by  the  time  you  get 
through  assembling  it,  it  ain’t 
cheaper. We’ve  got  a  pretty  inter¬ 
esting  and  compelling  story, 
unless  you’re  going  out  for  the 
cheapest  piston  ring  and  then 
Dell’s  got  an  advantage  — 
maybe. 

Things  have  been  tough  financially 
for  Sun  lately.  What's  the  latest 
outlook? 

We  have  $5  billion-plus  cash 
in  the  bank.  We’ve  been  cash¬ 
flow  positive  for  the  last  eight  or 
nine  years  from  operations.  We 
have  the  largest  installed  base 
and  the  No.  1  64-bit  micro¬ 
processor  franchise  with  Sparc. 
Solaris  is  the  No.  1  Unix  fran¬ 
chise  out  there  and  runs  on  all 
of  the  major  microprocessor 
platforms  except  PowerPC. 

We  have  the  Java  franchise 
with  a  billion  and  a  half  devices 
out  there,  which  I  think  at  this 
point  is  now  bigger  than  the 
Microsoft  installed  base,  with  no 
viruses,  and  major  design  wins 
in  all  the  major  service  pro¬ 
viders  and  financial  service 
providers. 

I  like  our  position.  I  like  our 
brand.  I  like  our  product  line. 
Our  cost  structure  is  a  little 
high,  but  we’re  not  going  to  go 
take  a  meat  cleaver  to  it  and 
ruin  the  product  calendar  or  let 
customer  satisfaction  suffer.  So 
as  we  are  able  to  address  the 
cost  structure  in  a  positive  way 
we’ll  take  this  thing  back  to 
profitability 

What  do  you  thjnk  about  the 
SCO/IBM/Noveli  brouhaha? 

First  of  all,  Sun  is  the  No.  1 
donator  of  open  source  soft¬ 
ware  to  the  community  behind 
the  University  of  California  at 
Berkeley  There  is  probably  no 
company  that  would  be  more 
disappointed  to  see  the  open 
source  movement  hit  a  pot¬ 
hole.  We  have  full  software 
indemnification  against  any 
SCO  claims  because  we  spent 
about  $90  million  10  years  ago 
paying  off  Ray  Noorda  at 
Novell  for  all  of  our  Unix  [intel¬ 
lectual  property] ,  which  is 
unlike  IBM,  which  won’t  indem¬ 
nify  you  on  your  Linux  because 
they  don’t  know  whether  this 
lawsuit  has  any  legs.  ■ 

Get  more  information  online. 
DocFinder:  1451 
www.nwfvsioa.com 


I  Ilf  they  threw  a  little  Dell 
server  on  your  desk,  you’d  be 
about  as  close  to  delivering  a 
reliable,  scalable,  usable  Web 
service  as  if  I  threw  a  piston 
ring  on  your  table  and  said  drive 
to  Chicago.  91 

Scott  McNealy 

CEO,  Sun 


IronPort. 

Rebuilding  the  World’s 
Email  Infrastructure. 
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Siemens  to  launch  high-end  IP  PBX 


■  BY  PHIL  HOCHMUTH 

Borrowing  technology  from  its 
carrier  softswitches,  Siemens  has 
developed  an  enterprise  network- 
level  IP  PBX  it  says  companies 
can  use  to  consolidate  telephony 
setups  based  on  distributed  re¬ 
gional  and  branch  office  systems. 

The  HiPath  8000,  initially  shown 
last  month  at  the  CeBit  show  in 
Germany,  is  being  readied  for  its 
U.S.  debut  over  the  next  two 
months,  although  Siemens  declin¬ 
ed  to  confirm  when  the  box  will 
ship  or  how  much  it  will  cost. 

“Siemens  initially  developed 
the  product  as  the  Surpass  HiQ 
8000  softswitch,  but  has  reengi¬ 
neered  it  to  meet  the  needs  of  dis¬ 
tributed  enterprises,”  Gartner  ana¬ 
lyst  Steven  Blood  says  in  a  report. 

According  to  reports, part  of  this 
reengineering  involved  adding 
support  for  Siemens’  ComScendo 
enterprise  IP  telephony  feature 


set,  along  with  the  Session  Initi¬ 
ation  Protocol  (SIP)  —  an  emerg¬ 
ing  standard  for  real-time  IP  voice 
and  video  communications  that 
has  gained  wide  industry  sup¬ 
port.  Support  for  both  Com¬ 
Scendo  and  SIP  will  let  the  HiPath 
8000  work  with  Siemens  Opti- 
Fbint  IP  phones  and  third-party 
devices  and  applications  based 
on  SIP 

According  to  reports  and 
Siemens  marketing  material, 
the  HiPath  8000  is  an  all-IP  tele¬ 
phony  platform  that  can  scale 
from  10,000  to  100,000  users. 
The  previous  high  number  of 
users  supported  was  12,000  by 
the  HiPath  4000,  which  debuted 
in  December. 

The  HiPath  8000  will  compete 
with  systems  such  as  3Com  s  VCX, 
Avayas  S8700,  Cisco’s  CallMan- 
ager  and  Nortel’s  Succession  M 
series,  and  softswitches  from 
BroadSoft  and  Sonus  Networks. 


Scaling  Hi-er 

Siemens’  HiPath  8000  is 
an  IP  PBX  for  large 
companies  that 
incorporates  carrier 
softswitch  technology. 
Features  include: 


•  Support  for  SIP  and 
Siemens'  proprietary 
VoIP  protocols. 

•  Support  for  more  than 
10,000  IP  endpoints. 


A  Unix-based  operating 
system  that  runs  on 
standard  server 
hardware. 


The  University  of  Texas  South¬ 
western  Medical  Center  at  Dallas 
is  deploying  a  HiPath  4000  to  re¬ 
place  an  aging  Rolm  PBX  infra¬ 


structure.  While  Telecom  Manager 
Elwyn  Hull  has  no  plans  to  up¬ 
grade  to  a  HiPath  8000,  he  says 
the  concept  of  a  carrier-grade  IP 
PBX  is  intriguing. 

“Currently,  the  HiPath  4000  is 
meeting  our  scaling  needs,”  he 
says.  “Although  I  would  certainly 
be  interested  in  seeing  Siemens 
incorporate  some  of  its  carrier- 
type  capabilities  [into  its  enter¬ 
prise  products] 

Hull  says  he  expects  to  see 
Siemens  inject  some  of  its  carrier 
voice  technology  into  its  lower- 
end  IP  PBX  products. 

Gartner’s  Blood  says  the  HiPath 
4000  and  8000  should  be  the  two 
Siemens  products  large  compa¬ 
nies  evaluate  for  an  IP  PBX 
deployment.  With  the  latest  ver¬ 
sion  of  the  4000  supporting  up  to 
12,000  users,  “continued  invest¬ 
ment  in  [the]  HiPath  4000  sys¬ 
tems  remains  a  solid  option,”  he 
writes.  ■ 


Healthcare  IT  execs  share  their  wish  lists 


■  BY  ANN  BEDNARZ 

BOSTON  —  Vendors’  pricing  models  are 
lacking.  Better  tools  are  needed  to  sift  through 
piles  of  data.Trying  before  buying  is  key 

Those  were  sentiments  expressed  by  a  range 
of  technology  buyers  from  healthcare  and 
pharmaceutical  companies  on  a  panel  host¬ 
ed  by  Ernst  &  Young  at  last  week’s  Bio-IT  World 
conference. 

At  CareGroup  Health  System,  IT  priorities 
center  around  safety,  reliability 
and  security,  said  John  Halamka, 

CIO  of  the  network  of  five  Boston- 
area  hospitals.  On  the  safety  front, 

Halamka  is  focused  on  shoring  up 
medication-dispensing  processes 
“from  the  doctor’s  brain  to  the 
patient’s  vein,”  he  said. That  means 
implementing  bar  codes  for  med¬ 
ication  and  other  automation 
efforts  to  ensure  the  right  dosage 
of  medication  is  dispensed  to  the  intended 
patient  at  the  proper  time. 

CareGroup’s  reliability  efforts  are  aimed  at 
reducing  downtime  —  an  issue  Halamka  bat¬ 
tled  in  late  2002  when  one  of  the  CareGroup 
hospitals  suffered  network  slowdowns  and 
interruptions  for  more  than  three  days. 
Halamka’s  current  expectations  are  to  exceed 
99.9%  availability,  although  the  notion  of  any 
downtime  at  all  is  unacceptable  to  hospital 
administrators,  he  said. 

Security  is  an  ongoing  battle:  The  Harvard 
University  domain  is  attacked  once  every  7 
seconds,  said  Halamka,  who  also  serves  as 
CIO  of  Harvard  Medical  School.  Intrusion 
detection  is  key,  and  his  staff  includes  two 


employees  who  are  dedicated  to  keeping 
systems  secure. 

Infinity  Pharmaceuticals  doesn’t  have  the 
burden  of  many  legacy  systems  because  the 
company  built  its  core  infrastructure  from  the 
ground  up  over  the  past  three  years,  said 
Andrew  Palmer,  senior  vice  president  of  oper¬ 
ations  at  the  Cambridge,  Mass., drug-discovery 
company  Its  primary  IT  focus  is  on  improving 
the  quality  of  decision-making  with  the  use  of 
computational  analysis  tools,  he  said. 


John  Halamka 

CIO,  CareGroup  Health  System 

Barrie  Hesp,  a  retired  Pfizer  executive,  sin¬ 
gled  out  one  area  where  innovation  is  lacking. 
Technology  to  help  navigate  the  sea  of  intel¬ 
lectual  property  would  be  useful,  Hesp  said. 
“Anything  to  help  avoid  the  use  of  patented 
technology  would  be  a  very  big  advantage”  in 
drug  discovery  and  development,  he  said. 

Vendors’  licensing  models  was  a  hot  topic 
among  panelists. 

For  Biogen  Idee,  licensing  preferences  are 
rapidly  moving  away  from  named  user  licens¬ 
es  to  more  flexible  models  that  can  accom¬ 
modate  periodic  users  more  economically 
said  Rainer  Fuchs,  vice  president  of  research 
informatics  at  the  Cambridge  biotechnology 
company.  “Anything  that  is  not  a  floating 


license  or  a  site  license  is  not  of  interest  to  us 
anymore,”  Fuchs  said. 

Halamka  doesn’t  like  surprises.  “I  need 
highly  predicable  pricing  models,”  he  said.’A 
company  not  to  emulate  is  Microsoft.” 
Halamka  said  he  has  to  dedicate  one  full¬ 
time  employee  just  to  figure  out  Microsoft’s 
prices.“Per-server  licensing  works  pretty  well 
for  me,  per-user  licensing  does  not,”  he  said. 

Palmer  lamented  a  lack  of  pricing  flexibility 
that  would  let  Infinity  invest  minimally  to  try 
out  a  product  and  increase  spend¬ 
ing  incrementally  as  the  technolo¬ 
gy  proves  its  worth.  “Vendors  that 
earn  our  business  are  willing  to 
share  risk,”  Palmer  said.  “An  incre¬ 
mental  approach  that  grows  is  the 
right  way  to  go.” 

However,  per-user  licensing  does 
have  its  use,  said  Monte  Dean 
Brown,  vice  chairman  of  the  de¬ 
partment  of  medicine  at  Brigham 
and  Women’s  Hospital,  a  CareGroup  property 
in  Boston. The  opportunity  to  start  with  a  per¬ 
user  license  lets  Brown  give  a  product  to  a  few 
key  end  users  to  try  out  without  going  through 
the  formal  capital  budget  approval  process.  If 
a  technology  proves  to  be  effective  in  a  small 
rollout,  it  stands  a  better  chance  of  being 
approved  for  a  site  license,  he  said. 

Limiting  free  software  trials  to  one  user  does¬ 
n’t  go  over  well.  Give  the  product  to  as  many 
people  as  possible,  Fuchs  suggested.  It’s  much 
better  to  get  five  people  excited  about  a  new 
product  than  only  one,  he  said. “To  limit  it  to 
one  person  makes  no  sense,”  Fuchs  said. 

Palmer  agrees.“Don’t  charge  me  every  time  I 
want  to  give  it  to  one  scientist,”  he  said.  ■ 


III  need  highly  predictable 
pricing  models.  11 
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Blades  raise  heat,  power  issues 


■  BY  JENNIFER  MEARS 


As  blade  servers  become  more  power¬ 
ful,  business  customers  need  to  think  care¬ 
fully  about  how  to  cool  the  thin  devices, 


■  Polycom  last  week  announced  a 
$180  IP  phone  aimed  at  deployments 
of  VoIP  services,  or  as  IP  endpoints  for 
enterprise  IP  PBXs.The  entry-level 
SoundPoint  300  boasts  dual-line 
support,  three-way  conferencing  and 
10  programmable  keys  that  can  be 
configured  to  work  with  telephony 
features  on  a  variety  of  IP  PBXs  and 
softswitches.  The  phone  supports 
802.3af  Power  over  Ethernet  and 
Cisco's  proprietary  PoE  technology 
used  on  its  Catalyst  switches.  The 
phone  supports  the  Media  Gateway 
Control  Protocol  and  the  H. 323  VoIP 
protocol.  Polycom  says  it  will  release 
a  Session  Initiation  Protocol  software 
load  for  the  phone  by  midyear. 

■  Unisys  last  week  introduced  a  new 
line  of  its  ClearPath  mainframe 
servers,  one  of  which  will  be  available 
with  a  pay-per-use  pricing  model  that 
will  save  customers  between  20%  and 
30%  on  the  cost  of  their  big  iron,  the 
company  says.  The  ClearPath  Plus 
Libra  500  line  comprises  three  sys¬ 
tems.  The  first,  the  Libra  520  midrange 
system,  is  based  on  Intel’s  Gallatin 
multiprocessor  Xeon  chip.  The  Libra 
580  and  590  systems  will  support 
Xeon  processors  or  the  Unisys  MCP 
complementary  metal-oxide  semicon¬ 
ductor  processor. 

The  590  uses  software  called  the 
Utilization  Sentinel  that  lets  cus¬ 
tomers  slow  down  or  speed  up  the 
level  of  system  usage  available  to 
their  mainframe  applications, 
depending  how  much  they  want  to 
spend  each  month.  Pricing  for  the 
systems  ranges  from  $300,000  to 
$1.8  million.  An  eight-processor  Libra 
520,  for  example,  costs  approximate¬ 
ly  $500,000.  Unisys  declined  to  dis¬ 
close  the  range  of  its  pay-per  use 
pricing. 


The  heat  is  on 

Companies  using  two-processor 
blades  have  reported  heat  output 
of  as  much  as  14  kilowatts  per 
rack,  according  to  the  Uptime 
Institute.That's  roughly 
equivalent  to  the  heat  given  off 
by  two  electric  ovens. 
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14  kilowatts  per  rack 


16  kilowatts 


which  can  generate  more  heat  and  con¬ 
sume  more  power  in  small  spaces  than 
most  data  center  managers  are  used  to. 

At  the  recent  Server  Blade  Summit  in 
San  Jose,  attendees  saw  firsthand  how  the 
increase  in  power  demands  from  the 
densely  packed  systems  could  affect 
enterprise  data  centers:  An  interoperabil¬ 
ity  demonstration  of  working  blade  sys¬ 
tems  caused  the  power  in  the  Wyndham 
Hotel  that  hosted  the  conference  to 
flicker  on  and  off  sporadically  throughout 
the  event. 

While  analysts  and  industry  observers 
note  that  the  Wyndham  wasn’t  designed 
as  a  data  center,  they  agree  that  power  and 
heat  issues  will  be  a  key  concern  as  busi¬ 
nesses  re-architect  their  data  centers  to 
make  more  efficient  use  of  their  compute 
resources.  System  density  is  increasing 
throughout  the  industry  as  chip  manufac¬ 
turers  continue  to  boost  the  speed  and 
power  of  CPUs,  analysts  say. 

“Heat  and  power  management  are 
issues  for  the  whole  industry,  not  just 
blades,”  says  Mark  Melenovsky,  research 
director  of  global  enterprise  server  solu¬ 
tions  at  IDC.“But  blades  do  kind  of  con¬ 
centrate  the  concern  because  of  the  small 
form  factor” 

A  senior  vice  president  of  critical  sys¬ 


tems  at  a  large  financial  institution  who 
asked  not  to  be  named  says  his  company 
is  experiencing  “surprising  increases  in 
power  density”  as  it  brings  in  partitioned 
servers,  and  storage-area  networks,  and 
looks  at  deploying  blade  servers. 

“With  blades  and  other  high-density 
servers,  we  saw  in  the  same  server  foot¬ 
print  power  density  could  increase  six-  to 
eightfold,”  he  says.  “Where  we  saw  some¬ 
thing  like  3  kilowatts  of  power  with  a  stan¬ 
dard  server  cabinet,  partitioned  servers 
could  use  24  kilowatts  of  power,  and 
blades  are  the  same  or  worse.” 

Blades  were  developed  in  2000  to  meet 
the  needs  of  rapidly  expanding  Internet 
data  centers.  Blade  pioneers  such  as  RLX 
Technologies  offered  service  providers 
increased  server  density  and  avoided  dra¬ 
matic  increases  in  power  consumption  by 


using  lower-power  processors. 

However,  as  the  service  provider  market 
slowed  and  blade  server  vendors  turned 
to  enterprise  customers,  they  found  that 
the  lack  of  computing  power  limited 
blade  adoption.  Today,  blades  are  becom¬ 
ing  increasingly  powerful.  By  2005,  blades 
should  be  able  to  run  80%  of  enterprise 
applications,  Gartner  says  in  a  research 
note  it  published  late  last  year  that 
focused  on  server  density. 

At  the  same  time,  power  and  heat  issues 
are  taking  center  stage. 

“Enterprises  must  . . .  carefully  factor  in 
the  power  and  cooling  demands  of  these 
blades,”  the  Gartner  report  says.  “Many 
enterprises  will  not  be  able  to  achieve 
optimal  density  because  of  environmen¬ 
tal  limitations.  Simply  put,  the  vision  of 

See  Blade,  page  22 


NETWORK  WORLD  S  WIRELESS  LANS 
TECHNOLOGY  TOUR 

BACKSTAGE 

WITH  CRAIG  MATHIAS 

Network  World  hits  the  road  this 
month  with  its  Wireless  LANs 
Technology  Tour.  Craig  Mathias,  prin¬ 
cipal  at  Farpoint  Group,  keynotes  the 
event  and  will  highlight  the  impor¬ 
tant  changes  in  the  WLAN  industry. 
Network  World  Events  Editor  Sandra 
Gittlen  recently  discussed  what’s 
ahead  with  Mathias. 

IT  managers  are  being  pulled  in  all  directions 
regarding  wireless  technology.  What  is  the 
best  way  for  them  to  decide  if  WLAN  technol¬ 
ogy  fits  into  their  network? 

I  always  like  to  caution  against  the  gra¬ 
tuitous  use  of  wireless.There  are  three 
key  justifications  for  going  wireless  in  any 


form:  where  wire  just  can’t  be  installed 
due  to  physical  constraints,  where  wire¬ 
less  is  less  expensive  over  the  life  cycle  of 
a  given  installation  (note  this  includes 
productivity  improvements  and  any  other 
financial  elements), or  where  mobility  is 
a  factor. 

What  would  be  an  obstacle  to  using  WLANs? 
Security?  Distance?  Interference?  Are  there 
any  network  “deal-breakers"? 

Security  has  been  the  classic  deal- 
breaker.  . . .  But  we’ve  now  addressed  the 
core  WLAN  security  concerns,  primarily 
through  Wireless  Protected  Access  and 
the  use  of  upper-layer  authentication 
(like  RADIUS)  and  encryption  (like  VPN) 
techniques.  It’s  my  opinion  that  no  poten¬ 
tial  user  should  reject  going  wireless 
purely  based  on  security  concerns. 

Range  was  a  concern  for  quite  a  while, 
back  when  access  points  cost  more  than 
$1,000.  But  with  much  more  cost-effective 
access  points  now  available,  we  usually 
advise  clients  to  install  more  of  them  and 
to  make  the  distance  between  them  less. 
Less  distance  means  higher  throughput 


since  radio  signals  degrade  rapidly  with 
distance,  and  more  access  points  provide 
more  capacity  and  thus  a  greater  poten¬ 
tial  for  improved  productivity. . . . 
Fortunately,  a  combination  of  network 
protocols,  using  the  5-GHz  802. 1  la  spec¬ 
trum,  and  radio  frequency  spectrum 
management  techniques  can  be  used  to 
address  interference. 

Some  IT  organizations  have  been  charged 
with  blending  their  private  and  public  wire¬ 
less  efforts.  What  do  you  recommend  when 
doing  this? 

Public-access  Wi-Fi  is  going  to  be  huge. 
It’s  replacing  modem  connections  for 
many  people.  It’s  more  convenient  than 
wired  broadband.  But  it  does  have  one 
big  problem  today  —  security.  Unlike 
enterprise  WLAN  installations,  where  all 
security  is  under  the  control  of  network 
managers,  public-access  WLANs  can  be 
very  insecure  and  even  spoofed,  allowing 
unsuspecting  users  to  associate  with  the 
spoofer  and  give  away  valuable  pass¬ 
words  and  credit  card  information. 

See  Mathias,  page  22 
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Faster  than  the  speed  of  change. 

Be  nimble.  Be  quick.  HP  Integrity  Servers  are  capable  of  executing  one  million 
transactions  per  minute  and  built  to  run  multiple  operating  systems  simultaneously. 
Supported  by  Intel®  Itanium®  2  technology,  Integrity  is  the  most  powerful  line  of 
industry-standard  servers  available  today.  Providing  you  with  the  computing 
power  to  adapt,  evolve  and  change  faster  than  anyone,  anywhere,  at  any  time. 
www.hp.com/info/integrity 
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The  European  Union  finally  came  out 
with  the  penalties  Microsoft  will  have 
to  pay  for  being  found  guilty  of  anti¬ 
competitive  practices.  A  fine  of  $600-plus 
million,  along  with  changes  to  Windows, 
are  being  imposed  on  the  Redmond 
monopolist. 

Predictably,  Microsoft  howled  about  the 
penalties,  still  proclaiming  its  innocence. 
But  the  strangest  reaction  was  a  letter 
from  five  Republican  and  five  Democrat 
congressmen  (www.nwfusion.com,  Doc 
Finder:  1427).  The  congressmen  wrote  a 
joint  note  to  EU  Competition  Com¬ 
missioner  Mario  Monti  complaining,  in 
effect,  that  his  decision  amounted  to  dou¬ 
ble  jeopardy  since  the  U.S.  Department  of 


Sorry,  Microsoft,  but  the  EU  got  it  right 


Justice  settlement  in  its  anti-trust  case 
against  Microsoft  already  punished  the 
company’s  misbehavior.  Or,  as  their  letter 
put  it:  “The  [U.S.]  courts  final  judgment 
established  a  comprehensive  regulatory 
scheme  that  not  only  resolved  past  con¬ 
duct,  but  also  created  a  detailed  compli¬ 
ance  structure  to  address  future  competi¬ 
tive  concerns  that  might  arise.” 

What  are  they  smoking? 

Outside  of  Redmond,  very  few  people 
thought  the  Department  of  Justice  settle¬ 
ment  did  anything  about  “competitive 
concerns.”  Many  people,  in  fact,  (such  as 
the  commonwealth  of  Massachusetts) 
thought  the  Justice  Department  should  be 
investigated  for  misfeasance  for  even  con¬ 
templating  such  a  settlement.  So  it’s  heart¬ 
ening  to  see  the  EU  stepping  up  and 
doing  what  the  U.S.  government  should 
have  done. 

The  EU  also  is  requiring  that  Microsoft 
market  a  version  of  Windows  with  the 
Windows  Media  Player  removed.  The 


company  can  offer  both  versions,  or  only 
the  modified  one.  Some  people  —  even 
those  not  working  for  Microsoft  —  are 
howling  that  this  will  stifle  innovation. 
Bullfeathers.  Network  managers  should 
be  applauding  this  penalty  and  urging 
U.S.  regulators  to  do  the  same.  While  there 
are  a  tiny  number  of  instances  when 
Media  Player  could  be  useful  on  a  corpo¬ 
rate  network,  they  are  few  and  far 
between.  The  majority  of  usage  is  per¬ 
sonal,  with  bandwidth  clogging  audio  and 
video  forming  the  bulk  of  the  traffic.  Non¬ 
productive  traffic,  I  might  add.  If  your  users 
want  to  listen  to  music  while  they  work, 
provide  them  with  radios  (or  CD  players) 
with  headsets.They  don’t  steal  CPU  cycles 
from  the  job  the  users  are  supposed  to  be 
doing. 

Thank  you,  Mr.  Monti.  It’s  not  often  1  think 
the  EU  gets  it  right,  but  they  certainly  did 
this  time. 

Kearns,  a  former  network  administrator, 


is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@uquill.  com. 


Tip  of  the  Week 


I've  stayed  in  six  different 
hotels  in  the  last  10  days, 
and  used  everything  from 
dial-up  to  $10-per-day 
broadband  for  connectivity. 
I  was  surprised,  though,  by 
free  high-speed  connections 
in  both  Raleigh,  N.C.,  and 
Morgantown,  W.Va.  It  would 
pay  you  to  call  the  hotel 
directly  and  ask  before 
booking  a  reservation.  It 
saves  time  and  money,  so 
what  could  be  better? 


Alcatel  launches  workgroup  switch 


Blade 

continued  from  page  19 


■  BY  PHIL  HOCHMUTH 

Alcatel  last  week  launched  an  all-Gigabit 
switch  aimed  at  high-end  workgroups  or 
for  connecting  servers  or  clustered  nodes 
in  a  data  center. 

The  fixed-configuration  OmniStack  6300 
lets  users  deploy  Gigabit  Ethernet  with 
security  and  traffic  management  features 
to  desktops  and  servers  at  a  lower  cost  than 
similarly  configured  competitive  switches, 
Alcatel  says. 

The  switch  comes  with  24  copper  10/100/ 
1000M  bit/sec  ports,  plus  four  fiber-based 
1G  bit/sec  Ethernet  ports  for  uplinks  (for 
each  fiber  port  activated,  a  copper  port 


Mathias 

continued  from  page  19 

Strong  mutual  authentication  is  required, 
and  that’s  not  in  place  in  most  public 
WLANs  yet. The  public-space  WLAN  opera¬ 
tors  will  get  around  to  this  once  they 
understand  the  problem,  and  once  users 
demand  it.  And  note  that  two  layers  of 
authentication  are  required  —  one  to  set 
up  a  secure  connection  with  the  public- 
access  WLAN,  and  this  is  really  no  differ¬ 
ent  than  any  other  ISPand  one  to  build 
the  VPN  tunnel  with  the  user’s  enterprise 
network.  We  think  that  the  cellular  carriers 
are  likely  to  dominate  in  this  space  over 
time,  and  that  security  will  likely  improve 
as  a  result.  But  for  now, caution  is  advised. 

What  are  five  key  components  of  a  wireless 
equipment  rollout  strategy? 

First  of  all,  it’s  important  to  have  an  IT 
strategy  that’s  synchronized  with  enter¬ 
prise  strategy  and  objectives.There’s  no 


must  be  deactivated).  While  it  is  a  Layer  2 
switch,  it  supports  traffic  management  and 
security  features  that  use  Layer  3  and  Layer 
4  packet  inspection. These  include  Layer  3 
Differentiated  Service  quality-of-service 
capabilities  and  access  control  lists  (ACL) 
based  on  Layer  3  and  Layer  4  TCP/IP  data. 

The  box  supports  Layer  2  features  such  as 
802. lx  port  authentication,  virtual  LANs 
and  media-access-control-based  ACL  filters 
—  which  let  administrators  permit  network 
access  only  to  users  with  registered  wired 
or  wireless  network  interface  cards. 

Redundancy  and  failover  features  on  the 
box  include  802.3ad  link  aggregation  and 
multiple  spanning  tree  support.  Link  aggre- 


point  in  buying  new  gear,  including  wire¬ 
less,  if  it  doesn’t  advance  the  overall  mis¬ 
sion  of  the  corporation  and  work  in  con¬ 
cert  with  existing  budgets  and  policies. 
Next,  it’s  vital  to  understand  that  network 
infrastructure  will  require  upgrades,  addi¬ 
tions  and  replacement  over  time,  and  the 
ability  to  do  this  in  a  non-disruptive  fash¬ 
ion  is  essential. Third, since  security  is  such 
a  critical  item,  a  written  security  policy  is 
vital,  and  any  wireless  network  functionali¬ 
ty  must  be  in  line  with  this  policy  Fourth, 
review  applications  so  as  to  determine 
traffic  volumes,  locations  to  be  covered, 
transmit  duty  cycles,  time-bounded  traffic 
requirements  and  user  service  classes. 
Finally,  determine  how  much  fault-toler¬ 
ance  you’re  going  to  need,  whether  it’s 
back-up  wireless  facilities  or  a  fallback  to 
wire. 

What  do  you  think  will  be  the  biggest  change 
in  the  industry  in  the  next  year? 

That’s  a  tough  one. The  single  biggest 


gation  can  be  used  to  trunk  uplink  ports, 
which  creates  a  multi-Gigabit  virtual  pipe. 
Multiple  spanning  tree  lets  the  box  connect 
to  multiple  uplink  switches  without  the 
need  for  Layer  3  routing  capabilities;  this 
lets  the  box  recover  from  uplink  failures 
more  quickly  the  company  says. 

At  about  $100  per  Gigabit  port,  the 
OmniStack  6300  costs  approximately  25% 
to  50%  less  than  competitive  switches  with 
similar  features,  speed  and  port  counts.  All- 
Gigabit  versions  of  Cisco’s  Catalyst  2900 
and  Foundry  Networks’  Fastlron  Edge 
Switch  are  comparable  products. 

The  OminStack  6300  is  available  now  for 
$2,500.  ■ 


change  will  be  even  higher  performance, 
with  proprietary  or  pre-standard  100-plus 
M  bit/sec  solutions  appearing  in  advance 
of  the  ratification  of  802.1  In.  More  perfor¬ 
mance  is  always  desirable,  even  for  traffic 
that  doesn’t  require  it,  because  more  per¬ 
formance  also  means  more  capacity  — 
even  low-speed  traffic  moves  more  effi¬ 
ciently  on  a  high-bandwidth  network;  we’ll 
also  need  more  bandwidth  to  provide 
greater  headroom  for  time-bounded  traffic 
like  voice  over  Wi-Fi.  But  users  will  need  to 
be  on  the  lookout  for  possible  (and  per¬ 
haps  likely)  incompatibilities  between  pre¬ 
standard  products  and  what  eventually  is 
in  the  standard.  ■ 

More  online! 

To  register  for  the 
Wireless  LANs  Technology 
Tour,  visit: 

DocFinder:  1470 


hundreds  of  blade  servers  in  a  rack  is 
unrealistic  for  most  enterprises  in  the  next 
five  years.” 

IDC’s  Melenovsky  says  that  he  doubts 
the  issues  of  heat  and  power  will  stem  the 
adoption  of  blade  servers  in  the  long 
term.  About  185,000  blade  servers  were 
sold  last  year,  which  accounts  for  just  2% 
of  the  overall  server  market,  according  to 
IDC.  1DC  expects  blade  server  sales  to 
jump  to  more  than  450,000, or  about  8%  of 
the  market,  this  year. 

“I  have  faith  in  the  industry  to  innovate 
along  this  path  [to  address  heat  and 
power  concerns] ,”  Melenovsky  says. 

Indeed,  Advance  Micro  Devices  and 
Intel  have  rolled  out  lower-power  proces¬ 
sors,  although  none  of  the  vendors  have 
said  whether  they  plan  to  incorporate 
these  chips  in  blade  systems.  One  issue  is 
that  low-power  CPUs  mean  lower-per¬ 
forming  systems. 

“We  have  chosen  not  to  go  the  low- 
power  route  at  this  point  mostly  because 
customer  demand  has  been  for  the  high¬ 
er-power  processors,”  says  Tim  Dougherty, 
director  of  BladeCenter  strategy  at  IBM. 

For  its  part,  Intel  plans  to  add  power 
management  technology  to  its  Itanium 
and  Xeon  processors  in  the  next  year  or 
so  to  let  users  set  power  thresholds  and 
let  the  CPU  be  cycled  on  and  off  depend¬ 
ing  on  needs. 

Meanwhile,  most  systems  vendors 
offer  tools  to  help  customers  analyze 
power  and  cooling  needs  within  data 
centers.  James  Mouton,  vice  president 
of  platform  strategy  for  HP’s  industry- 
standard  servers,  says  HP  offers  cus¬ 
tomers  data  center  assessment  tools,  but 
notes  that  chip  makers  too  have  an 
important  role  to  play  in  addressing 
power  issues.  ■ 


Introducing  Firebox’  X.  The  integrated,  expandable  network  security 
appliance  that  intelligently  does  its  job,  so  that  you  can  do  yours. 
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Firebox^ 


UUe 

The  Security  You  Really  Need.”  WatchGliard^jJ* 

©Copyright  2004.  WatchGuard  Technologies,  Inc.  All  rights  reserved.  WatchGuard,  The  Security  You  Really  Need  and  Firebox  are  either 
registered  trademarks  or  trademarks  of  WatchGuard  Technologies.  Inc.  and/or  its  subsidiaries  in  the  United  States  and/or  other  countries. 


FREE  NETWORK  A  Practical  Guide  Get  yours  by  visiting  www.watchguard.com/nwguide 

SECURITY  GUIDE  for  Better  Security  or  by  calling  1-877-732-8780. 
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The  right  management  should  do  more  than  just  protect. 
It  should  also  enable. 


eTrust"  Security  Management  Software 

In  the  world  of  on-demand  computing,  it's  vital  that  your  IT  environment  be  both  secure  and  accessible.  That's  why  it's  essential  that  you  have 
the  right  security  management  software.  With  eTrust  security  management  software,  you  get  the  very  best  in  access,  identity,  and  threat 
management  all  seamlessly  integrated  with  your  existing  technology.  On  the  one  hand,  you  can  rest  assured,  knowing  that  your  information  is 
safe  from  prying  eyes.  At  the  same  time,  you  don't  have  to  worry  about  partners,  customers  or  employees  being  locked  out  of  areas  that  they 
need  to  access  to  optimize  business.  Best  of  all,  eTrust  can  give  you  a  single  view  of  your  entire  enterprise,  putting  you  in  complete  control.  As 
a  result,  you  can  make  real-time  decisions  based  on  comprehensive  information.  So  if  you're  looking  for  ways  to  minimize  risk  while  maximizing 
your  potential,  or  to  get  a  white  paper,  go  to  ca.com/security. 
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Schools  rethink  network  security 

College  IT  staffs  have  become  proactive  since  last  summer’s  Blaster  attack. 


■  BY  JOHN  COX 

Computer  worms  and  viruses  continue  to 
besiege  colleges  and  universities,  which 
are  responding  with  a  range  of  network 
security  improvements. 

Most  schools  are  focusing  on  technology 
fixes:  Products  designed  to  correct  specific 
weaknesses.  But  those  won’t  be  enough  if 
the  schools’  CIOs  overlook  “softer”  but 
equally  vital  issues, such  as  involvement  by 
school  presidents  and  provosts,  and  secur¬ 
ity  procedures  that  help  the  school’s  cul¬ 
ture  and  mission. 

Those  softer  issues  are  getting  more 
attention  now  after  the  worm  onslaughts 
that  hit  campus  networks  hard  last  sum¬ 
mer  and  fall. 

These  issues  were  laid  out  recently  at  the 
New  England  regional  meeting  of  Edu- 
cause,a  consortium  of  higher  education  IT 
professionals.  One  presentation  covered  re¬ 
sults  of  an  Educause  IT  security  survey 
conducted  about  a  year  ago  and  published 
in  December  (see  graphic,  right,  and  go  to 
www.nwfusion.com,  DocFinder:  1437). 

But  some  results  surely  would  have 
changed  since  the  widely  publicized 
attacks  of  worms  such  as  Blaster  last  sum¬ 
mer,  says  study  co-author  John  Voloudakis, 


now  principal  at  Polaris  Consulting.  The 
survey  found  that  while  two-thirds  of  the 
435  surveyed  schools  require  all  institu¬ 
tional  computers  to  have  anti-virus  soft¬ 
ware,  only  one-third  required  student  com¬ 
puters  to  be  so  equipped.This  has  jumped 
since  the  summer  attacks,”  he  says,  based 
on  his  talks  with  network  executives  and 
managers. 

The  attacks  and  public  embarrassments 
like  identify  theft  that  victimize  students 
and  faculty  are  leading  to  a  re-appraisal 
of  how  schools  approach  security, 
he  says. 

“People  are  now  thinking  about  central¬ 
ization  and  standardization  of  security  he 
says.  Some  schools  that  were  opposed  to 
external  firewalls  are  rethinking  that  posi¬ 
tion,  for  example. 

“The  viruses  and  worms  have  forced  us  to 
be  much  more  rigorous  in  our  software 
patching  process,”  says  Douglas  Burns, 
director  of  IS  at  Ohloni  College,  a  state 
community  college  in  Fremont,  Calif. 

Last  semester,  the  University  of  Massa¬ 
chusetts  at  Amherst  shut  down  5,000  host 
computers  on  campus  to  combat  various 
attacks.  “It  remains  to  be  seen  [what]  the 
long-term  impact  will  be"  on  campus 
awareness  and  priorities,  says  Christopher 


Takes 

■  Internet  Security  Systems  has 

unveiled  two  gigabit-speed  models  of  its 
Proventia  intrusion-prevention 
system  line  that  operate  in  three 
modes:  active  blocking  of  attacks,  pas¬ 
sive  detection  or  simulated  blocking 
response.  Each  product  has  four  10M 
bit/sec  or  100M  bit/sec  ports,  although 
one  model  (G1000F)  is  for  fiber-optic  net¬ 
works  and  the  other  (G1000)  for  copper. 
The  G1000F  starts  at  about  $37,000  and 
the  G1000  at  about  $35,000.  Each 
includes  the  SiteProtector  centralized 
network  management  system. 

■  Oblicore,  a  maker  of  service-level 
management  software,  last  week 
announced  that  it  has  added  $9  mil¬ 
lion  in  venture  capital  funding. 


bringing  the  company's  total  funding  to 
$21  million.  Lead  investors  for  this  third 
round  of  funding  were  JVP  and 
Favonius  Ventures;  previous  investors 
Concord  Ventures  and  Platinum 
Neurone  Ventures  also  contributed  to 
this  round.  The  new  funds  will  be  used 
to  support  expansion  of  marketing, 
sales  and  product  development  efforts, 
Oblicore  says. 

■  Microsoft  last  week  released  an 
add-on  for  its  Office  System  products 
designed  to  help  companies  meet 
reporting  requirements  the  Sarbanes- 
Oxley  Act  set.  The  Office  Solution 
Accelerator  for  Sarbanes-Oxley 
was  created  with  the  help  of  account¬ 
ing  companies  and  takes  advantage  of 
features  in  Windows  SharePoint 
Services  and  InfoPath  2003,  according 
to  Microsoft.  The  Office  additions  are 
available  to  all  Office  users  for  free  at 
www.nwfusion.com,  DocFinder:  1435. 


Misra,  network  analyst  with  the  school’s  IT 
office.“The  awareness  [of  security]  is  com¬ 
ing,  or  [already]  there,  at  staff  and  adminis¬ 
trator  levels,  but  it’s  is  still  lacking  at  end- 
user  levels.” 

Enlisting  support 

Savvy  CIOs  are  using  these  security  prob¬ 
lems  as  a  way  of  enlisting  the  active  sup¬ 
port  of  senior  management,  students  and 
notoriously  independent  faculty  members, 
instead  of  trying  to  steamroll  technology 
fixes  over  them. 

“We  let  them  stick  their  finger  in  the  light 
socket  and  fry  their  hair,”  says  Joanne 
Kossuth,  CIO  for  Franklin  WOlin  College  of 
Engineering, a  Needham,  Mass., school  that 
opened  in  the  fall  of  2002. She  says  her  staff 
of  12  then  finds  it  easier  to  enlist  support 
for  more  formalized,  and  rigorous,  security 
measures. 

One  early  decision  was  to  forge  an  honor 
system  with  students. “We  had  one  student 
who  put  up  a  rogue  [wireless]  access 
point,  and  another  student  reported  him,” 
Kossuth  says. 

Many  Ohloni  College  faculty  members 
were  victimized  by  viruses  and  worms  as 
they  worked  with  their  laptops  at  home. 
College  IT  staff  helped  them  recover  and 
protect  themselves,  and  the  experience  has 
paved  the  way  for  increased  cooperation 
going  forward,  according  to  Burns. 

These  kinds  of  approaches  build  rela¬ 
tionships  of  trust,  which  are  vital  to  making 
schools  more  secure,  and  to  making  peo¬ 
ple  feel  more  secure,  Polaris’  Voloudakis 
says. “Look  for  incentives  that  help  people 
make  responsible  decisions.” 

One  such  incentive  is  deploying  site 
licenses  for  anti-virus  software,  and  de¬ 
signing  simple  Web  sites  where  users  can 
easily  update  anti-virus  files  and  install 
patches. 

What  many  see  as  traditional  barriers  to 
better  IT  security,  such  as  concerns  that 
security  measures  shackle  academic  free¬ 
dom,  are  manageable  issues  when  ap¬ 
proached  with  the  right  attitude,  Vol¬ 
oudakis  says.  “You  help  people  under¬ 
stand  that  security  improves  personal  pri¬ 
vacy  for  students  and  faculty? 

One  school  has  a  policy  to  monitor  all 
business  units  to  uncover  any  personal  in¬ 
formation  they  might  be  collecting.  If  such 
information  is  found,  the  department  has 
to  give  a  business  justification  for  having 
the  information.  Otherwise  it’s  deleted.  ■ 


(Responses  add  up  to  more  than  100%  due  to  roundingy': 


Higher  security  for 
higher  education 

Here’s  a  sampling  of  findings 
from  a  recent  Educause  survey 
of  technology  professionals  and 
faculty  at  435  institutions: 

Which  technologies  are  you  adopting? 

(Multiple  responses  allowed) 


remote 

i  18% 

access 

!  9% 

trusion 

mm 

1  15% 

itection 

i  m 

UwjjM 

1  55% 

Implemented 
In  progress 
Piloting 


Encryption  1  19% 


developing 


What’s  the  status  of  your  school’s 
security  plan? 


Comprehensive 
plan  in  place 

13% - ‘ 


What  are  the  top  five  barriers  to 
better  security? 

1.  Lack  of  resources. 

2.  Lack  of  awareness. 

3.  Academic  freedom. 

4.  Culture  of  decentralization. 

5.  Absence  of  policies. 
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Collation  strengthens  app  mgmt.  formula 


■  BY  DENISE  DUBIE 

Collation  this  week  is  expect¬ 
ed  to  unveil  upgraded  software 
it  says  will  help  companies 
more  quickly  determine  the 
source  of  application  perfor¬ 
mance  problems. 

The  company  is  updating  its 
flagship  Confignia  package  to 
Version  2.0  and  including  an 
integrated  add-on,  dubbed  Ap¬ 
plication  Status  Manager,  de¬ 
signed  to  pinpoint  application 
performance  problems  by  relat¬ 
ing  application  topology  data 
(such  as  which  applications  talk 
to  each  other  and  where  they 
reside)  to  network  events  col¬ 
lected  by  third-party  manage¬ 
ment  tools  such  as  IBM’s  Tivoli 
Enterprise  Console  and  Micro¬ 
muse’s  Netcool. 

“Tracking  application  depen¬ 
dencies  is  a  difficult  task.  Col¬ 
lation  can  put  applications  in  a 
topological  context,”  says  Den¬ 
nis  Drogseth.a  vice  president  at 
consultancy  Enterprise  Man¬ 


agement  Associates.  “For  exam¬ 
ple,  it  can  discover  which  users 
are  affected,  which  services  are 
impacted  and  what  network 
components  are  contributing  to 
the  problem.” 

Competitors  in  this  market 
include  start-ups  such  as  Rel- 
icore  and  Troux  Technologies. 

How  it  works 

Collation’s  software  installs 
on  a  dedicated  Unix  or  Linux 
server.  Once  installed,  network 
managers  input  the  IP  addres¬ 
ses  they  want  the  software  to 
monitor. 

The  software  determines  if  the 
addresses  are  for  application 
hosts,  such  as  Web  or  application 
servers,  or  network  devices,  such 
as  switches  and  routers.  Con¬ 
fignia  also  determines  which 
applications  are  using  which 
ports  on  devices  and  how  often 
they  touch  certain  servers. 

This  discovery  process  creates 
models  of  application  depen¬ 
dencies  that  can  be  viewed 


IM  spam  piling  up, 
researchers  say 


■  BY  DAVID  LEGARD 

Spam  sent  via  instant  messag¬ 
ing  is  set  to  become  a  major 
nuisance  this  year,  with  the 
number  of  such  messages  trip¬ 
ling  from  400  million  to  1.2  bil¬ 
lion,  according  to  research  firm 
The  Radicati  Group. 

The  increase  in  IM  spam,  also 
called  “spim,”  will  come  about 
because  of  greater  use  of  IM 
among  businesses  and  a  rapid 
increase  in  published  IM  names 
in  corporate  and  public  directo¬ 
ries,  a  Radicati  report  says. 

The  number  of  business  IM 
users  more  than  doubled  from 
2002  to  2003,  and  is  predicted  to 
grow  another  85%  from  2003 
to  2004,  according  to  Ferris 
Research. 

By  2007,  the  overall  business 
IM  market  is  expected  to  in¬ 
crease  to  182  million  users,  rep¬ 
resenting  a  compound  annual 
growth  rate  of  79%. 

IM  spammers  are  developing 
sophisticated  software  that 
automatically  sends  messages 
—  which  are  mainly  touting 
pornography  —  to  millions  of 
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Spim  represents  just 
a  fraction  of  all  spam. 
Overall  e-mail  spam 
will  more  than  double 
in  2004  to 

35  billion 

messages,  Radicati 
Group  estimates. 


users,  and  which  automatically 
can  change  screen  names  when 
the  user  blocks  an  IM  attempt, 
according  to  Ferris. 

Because  of  the  intrusive 
nature  of  IM,  spim  might  be 
more  annoying  to  recipients 
but  also  more  successful,  Ferris 
says. 

Legard  is  a  correspondent  with 
IDG  News  Service’s  Australia 
bureau. 


when  problems  arise.  The  soft¬ 
ware  maintains  a  database  of 
the  information  it  collects  and 
Collation  suggests  network  man¬ 
agers  run  an  update  of  the  dis¬ 
covery  process  nightly  to  keep 
the  dependency  data  as  up-to- 
date  as  possible. 

Also  new  in  Confignia  2.0  is 
the  ability  to  discover  more  ele¬ 
ments  in  a  data  center,  including 
homegrown  applications. 

Pricing  for  Confignia  2.0 
depends  on  network  configura¬ 
tion  and  can  start  at  about 
$100,000.  Application  Status 
Manager  typically  costs  about 
25%  to  30%  of  the  cost  of  Con¬ 
fignia.  For  example,  a  customer 
paying  $100,000  for  Confignia 
would  have  to  pay  at  least 
another  $25,000  for  the  add-on 
software.  ■ 


Finding  trouble 


Collation’s  Confignia 2.0  displays  the  components  in  a 
data  center,  and  in  this  fictitious  example,  points  the 
finger  at  a  BEA  Systems  Web  server  in  Miami  as  being 
the  source  of  an  application  performance  problem. 


Configuration  mgmt  tool 
reaches  for  mobile  clients 


■  BY  JOHN  FONTANA 

Configuresoft  this  week  is  intro¬ 
ducing  upgraded  configuration 
management  software  to  help 
companies  keep  their  mobile 
computers  secure. 

The  company  says  Enterprise 
Configuration  Manager  4.5  now 
includes  support  for  Windows- 
based  laptops,  which  lets  com¬ 
panies  check  on  software  config¬ 
uration  and  push  out  patches  to 
machines  that  aren’t  always 
hooked  to  a  network. 

“You  have  to  know  what  assets 
you  have  and  what  is  running  on 
them  to  make  sure  you  have  con¬ 
sistency  and  adhere  to  corporate 
policy?’  says  Rich  Ptak,  a  partner 
with  consultancy  Ptak,  Noel  & 
Associates. 

He  says  that  task  gets  more 
complicated  with  mobile  clients, 
which  might  not  be  connected  to 
the  network  when  new  configura¬ 
tions  or  patches  are  automatical¬ 
ly  pushed  down  to  corporate  PCs. 

The  new  Mobile  Client  signals 
to  the  network  when  a  machine 
logs  on  to  it.  Once  the  client 
makes  a  connection  with  the 
ECM  Collector,  a  database  that 
stores  configuration  information, 
an  agent  passes  information 
about  the  client  such  as  the 
machine’s  configuration,  installed 
patches  and  the  amount  of  band¬ 


width  available.  The  data  is  com¬ 
pared  with  set  configurations  and 
patch  data  stored  in  the  Collector. 
The  agent  within  the  Mobile 
Client  can  send  and  receive  data 
using  HTTP  or  Distributed  Com¬ 
ponent  Object  Model. 

Administrators  can  prescribe 
what  sorts  of  updates  are  al¬ 
lowed,  based  on  whether  the 
mobile  client  has  a  dial-up, 
broadband  or  LAN  connection. 

The  software  can  be  program¬ 
med  to  activate  as  soon  as  a 
client  comes  online,  or  can  be  set 
to  check  the  machine  at  deter¬ 
mined  intervals  if  it  stays  con¬ 
nected  for  an  extended  time  peri¬ 
od.  The  software  also  maintains 
an  audit  trail  of  the  activity 
between  the  Mobile  Client  and 
the  ECM  Collector. 

The  software  works  with  lap¬ 


tops  that  run  Windows  NT  Server 
4.0  and  above  or  Windows  NT 
Workstation  4.0  and  above.  The 
ECM  Collector  runs  on  SQL 
Server  2000  and  above. 

Configuresoft  says  it  plans  to 
expand  the  capabilities  to  other 
mobile  devices.  The  software 
competes  with  similar  products 
from  Altiris,  Marimba  Software, 
Microsoft  and  Novadigm,  which 
HP  recently  acquired. 

Also  new  in  the  Configuresoft 
product  is  a  set  of  templates  to 
help  manage  compliance  with 
federal  laws  such  as  the  Gramm- 
Leach-Bliley  Act  and  the  Health 
Insurance  Portability  and  Ac¬ 
countability  Act. 

Pricing  for  Enterprise  Configur¬ 
ation  Manager  with  remote  client 
management  starts  at  $995  per 
server  and  $30  per  workstation.  ■ 


NewsQalerts 

Hate  hunting  for  stories  on  a  specific  topic?  Let  the  news 
come  to  you  with  Network  World’s  latest  news  alerts  — 
with  focuses  on  security,  financials,  standards,  trade 
show  news  and  vendor-specific  news. 
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Real,  not  pseudo,  flying  Internet 

onnexion  by  Boeing  recently  an-  nouncement  was  in  sharp  contrast  to  the  three-and-a-half  years  ago  (www.nwfusion. 
ff  _  nounced  that  many  air  travelers  out-  first  reports  on  this  type  of  service  and  to  com,  DocFinder:  1426).  The  folks  working 
side  the  U.S.  soon  will  be  able  to  buy  what  other  vendors  are  trying  to  pass  off  as  on  the  service  at  that  time  had  rather  un- 
rationally  priced,  satellite-based  Internet  an  in-flight  Internet  service.  worldly  expectations  of  what  people  would 

service  while  cruising  at  35,000  feet.The  an-  I  first  heard  about  a  service  like  this  about  be  willing  to  pay  for  in-flight  Internet  con- 

TECHNOLOGY  TOUR  , 

Wireless 

LANs: 

Gaining  Strength, 
Reaching  Farther 


TECHNOLOGY 

TOUR 

SCHEDULE 


FREE  EVENT  FOR 
QUALIFIED  PROFESSIONALS 


MODERATOR 

Craig  J.  Mathias 

EXPERTISE,  TECHNOLOGY,  AND 

DEMOS  IN  SEVERAL  KEY  AREAS: 

►  SECURITY:  new  answers  that  solve 
the  Achilles  heal  of  WLANs 

►  PLANNING:  pitfalls  to  avoid  when 
adopting  evolving  WiFi  technologies 

►  ARCHITECTURE:  operational  issues 
crucial  to  the  success  of  Switched 
WLANs 

►  MANAGEMENT:  emerging  metrics 
needed  to  monitor  effectiveness 


DO  YOU  HAVE  THE 
RIGHT  ANSWERS 

to  key  questions 
crucial  to  building  out 
a  truly  sophisticated 
Wireless  LAN? 


1 .  “How  can  I  integrate  WLANs  into  my  overall 

security  strategy?  ” 

2.  “Can  I  really  expect  VoIP  to  work  over  WLANs 

that  already  carry  huge  data  loads?" 

3.  “How  can  I  measure  my  real  TCO  and  Rol? 

More  important,  how  can  I  control  it?” 


WHO  WILL  BE  THERE? 

►  Expert  Event  Leaders 

►  Craig  J.  Mathias,  Principal, 
Farpoint  Group 

►  Keith  Shaw,  Senior  Reviews  Editor, 
Network  World 

and  leading  WLAN  and  Network/IT 
professionals  including: 


CIOs 

IT/IS  Managers/Directors 
Network/Security  Architects 
Network/Security  Managers 
Systems  Managers 
LAN/WAN  Administrators 


Today  there’s  just  one  universal  truth  about  Wireless  LANs:  the  design,  management,  and  buying 
decisions  you  make  now  will  determine  the  effectiveness  of  your  enterprise  network  for  years  to 
come.  Which  is  the  top  reason  to  attend  Wireless  LANs:  Gaining  Strength,  Reaching  Farther, 
a  new  Network  World  Technology  Tour  event.  It  brings  together  the  intelligence,  innovations,  and 
solutions  you  need  to  move  confidently  forward. 

This  is  must-know  info.  Must-see  technology.  A  must-attend  event  you  cannot  afford  to  miss. 

While  attendance  is  free,  access  is  limited  to  network  professionals  who  reserve  in  advance. 

Register  now  and  gain  new  strength  and  greater  sophistication  for  the  future  of  your  Wireless  LANs. 

Advance  Reservation  by  Qualified  Professionals  is  Required  for 
Complimentary  Attendance 

Register  now  at  www.nwfusion.com/WLS4A2 
or  call  1-800-643-4668 

PLATINUM  PRESENTING  SPONSORS: 

ARU2A  ml 

q  p  r\  rn  wireless  networks  Chantry  FOUNDRY 

OUUI  I  I  NETWORKS 


This  event  is  limited  to  Network  and  IT 
professionals  involved  in  the  evaluation , 
purchase  and  implementation  of  wireless  LANs 
products  and  services.  Network  World  Events 
reserves  the  right  to  determine  total  audience 
and  profile  of  complimentary  attendees. 

Paid  registration  is  also  available. 


legm  Merji  Irapeze 

COLD  EXHIBITING  SPONSORS: 

N  E  T  G  E  A  R  WANTEC 


\Cv  Agilent  Technologies 


To  join  sponsors  of  this  premier  Network  World  Event,  please  contact  Andrea  D'Amato  at  1  -508-490-6520 
or  adamato@> nww.com  for  free,  no-obligation  information. 


nectivity.  According  to  news  reports  they 
were  planning  to  charge  between  $17.50 
and  $25  per  hour. 

You  can  pay  as  much  as  $15  per  hour,  but 
the  normal  pricing  is  a  flat,  per-flight 
charge.The  rate  starts  at  $14.95  for  flights  of 
less  than  three  hours,  raises  to  $19.95  for 
flights  of  three  to  six  hours  and  tops  out  at 
$29.95  for  flights  of  more  than  six  hours. 
You  can  get  a  lower-cost  metered  rate  if  you 
only  need  to  be  on  for  a  short  period. This 
is  more  expensive  than  the  normal  hotel 
“high-speed”  service,  but  I’d  be  willing  to 
pay  it  on  most  medium  to  long  flights. 

Connexion  by  Boeing  has  put  together  a 
clear  Web  page  that  details  this  pricing 
structure  and  explains  how  the  service 
works  (www.connexionbyboeing.com). 
The  organization  equips  each  plane  with 
Wi-Fi  (802.11)  access  points  and  mounts  a 
mechanically  steered  antenna  in  a  dome 
on  top  of  the  plane.The  antenna  tracking  is 
fast  enough  to  track  the  satellite  through 
most  normal  plane  motions.The  users  con¬ 
nect  to  the  system  via  a  Wi-fi  network.  Each 
plane  has  four  receivers  that  are  enabled  as 
the  traffic  load  to  the  plane  requires. 

The  download  capacity  is  20M  bit/sec  per 
transponder  region  (for  example,  the  U.S.) 
with  an  upload  speed  of  up  to  1M  bit/sec. 
Signals  are  sent  from  the  plane,  bounced 
off  one  of  eight  geostationary  satellites  to 
one  of  four  ground  stations,  then  to  the  In¬ 
ternet.  Round-trip  times  are  in  the  800  to 
1,200  millisec  range,  good  enough  for  Web 
surfing,  instant  messaging  and  Pbst  Office 
Protocol  or  Internet  Messaging  Access  Pro¬ 
tocol  e-mail  access.  Service  coverage  now 
extends  from  the  West  Coast  to  Japan  the 
long  way;  Pacific  Ocean  coverage  is  sched¬ 
uled  to  start  in  2006. 

This  service  provides  real,  unfiltered,  inter¬ 
active  Internet  access.  This  is  very  different 
than  systems  such  as*  Verizon’s  Airphone 
Jetconnect  service  (www22.verizon.com/ 
airfone/jetconnect/),  which  doesn’t  pro¬ 
vide  interactive  Internet  access. You  can 
use  the  Verizon  service  to  retrieve  your 
e-mail  if  you  trust  them  with  your  logon 
name  and  password.  The  service  is  justifi¬ 
ably  cheap  at  $5.99  per  flight. 

Lufthansa  will  be  the  first  to  roll  out  the 
Connexion  by  Boeing  service  (which 
Boeing  will  install  on  non-Boeing  aircraft 
and  yachts)  with  other  European  and 
Asian  carriers  to  follow.  No  U.S.  carriers 
have  signed  up  yet.  I  guess  they’re  too  busy 
trying  to  stay  in  the  air  to  think  of  making 
things  better  for  customers. 

Disclaimer:  People  say  lots  of  things  about 
Harvard  but  “justifiably  cheap”  is  not  one  of 
them.  And  the  university  never  travels,  so 
the  above  exploration  is  mine  alone. 

Bradner  is  a  consultant  with  Howard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sob.com. 
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The  Journey  of  the  Leader  in  Layer  4-7  Load  Balancing  Switches 

Performance.  Intelligence.  Security.  Price. 


Serverlron —  when  it  comes  to  Layer  4—7  load  balancing,  there  is  no  summit! 
Just  a  continuous  journey,  Foundry's  Scrverlron  switches  continue  to  be  the  trailblazer 
For  server  scalability  w  ith  one  accomplishment  after  another.  Served ron  switches  protect 
servers  against  denial-of-service  attacks,  improve  server  scalability,  and  vastly  enhance  server 
reliabilitv.  Serverlron  makes  it  easy  to  manage  all  your  networked  applications  and  improve 
user  response  time  while  eliminating  application  downtime.  It's  the  industry  leader  in 
performance,  intelligence,  security,  and  price.  So  it's  no  coincidence  that  Serverlron  is  the 
product  of  choice  for  the  w  orld's  largest  and  most  demanding  customers.  Visit  us  today  at 
www.toundrvnetworks.com/si.Orcall  1 . SSS .  I  L  RBOLAN  (1.888.887.2652). 
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Special  Focus 

APPLICATIONS:  Network  security. 


Feeling  vulnerable?  Try  assessment  tools 


■  BY  ELLEN  MESSMER 

Come  June,  high-volume  merchants  and  payment 
processors  that  do  business  on  the  Web  and  want 
to  work  with  MasterCard  International  had  better 
be  conducting  quarterly  vulnerability  assessments  of 
their  Web  sites.  MasterCard  warned  last  fall  that  it  won’t 
do  business  with  them  otherwise. 

“We  believe  the  majority  of  events  we  read  about  with 
worms  could  be  averted  through  vulnerability  assess¬ 
ment,"  says  John  Verduschi,  vice  president  of  e-business 
and  emerging  technologies  at  MasterCard,  which  has 
drawn  up  a  list  of  a  dozen  approved  network-based  scan¬ 
ning  services,  including  Ubizen,  its  preferred  provider. 

With  an  estimated  7%  of  all  of  MasterCards  $921.6  bil¬ 
lion  in  annual  card  purchases  now  taking  place  on  the 
Web,  it’s  no  wonder  that  the  global  payments  company  is 
making  vulnerability  assessment  mandatory 
And  with  companies  like  MasterCard  requiring  its  part¬ 
ners  to  use  such  offerings,  it’s  also  no  wonder  there  are 
dozens  of  vendors  competing  in  the  market,  which  makes 
choosing  vulnerability-assessment  options  a  challenge. 


Assessing  the  situation 

Pros  and  cons  of  host-  and  network-based 
vulnerability  assessment. 

Host-based  tools  Network-based  tools 

Pros 

Pros 

Can  provide  rich  security 
information,  such  as  by 
checking  user  access  logs. 

Can  give  a  quick  look  at 
what  weaknesses  hackers 
and  worms  can  exploit. 

Once  deployed,  have  limited 
impact  on  network  traffic. 

Available  as  software, 
appliances  and  managed 
services. 

Cons 

Cons 

Costs  can  add  up  when 
deploying  agents  across 
many  desktops  and  servers. 

Requires  careful  planning 
to  avoid  conflict  with 
security  systems. 

Deployment  can  be  time- 
consuming. 

Generates  considerable 

network  traffic. 

One  way  to  narrow  down  the  choice  is  to  determine 
whether  a  host-  or  network-based  offering  best  meets 
your  needs. 

Host-based  tools  reside  on  servers  and  desktops  as  soft¬ 
ware  agents  that  can  log  on  to  a  host  to  report  back  to  a 
management  console.  Competitors  in  this  market  include 
Bindview,  Computer  Associates,  Harris,  IBM,  Internet 
Security  Systems, Sanctum  and  Symantec. 

On  the  other  hand,  network-based  tools  scan  remotely 
in  ways  similar  to  a  hacker  probe.  Some  of  the  players  are 
the  same  as  in  host-based  vulnerability  assessment, such 
as  1BM,1SS  and  Symantec.  Others, such  as  nCircle  and 
Qualys,  specialize  in  network-based  offerings,  and  free¬ 
ware  such  as  Nessus  also  has  supporters. 

There  are  pros  and  cons  to  each  approach. 


Host-based  tools  are  generally  more  expensive,  says 
John  Pescatore,  a  security  analyst  at  Gartner. The  products 
can  cost  $750  to  $1,000  per  server,  which  adds  up  across 
a  big  network. 

But  host-based  offerings  provide  rich  information,  which 
might  explain  why  a  third  more  host-based  products  than 
network-based  ones  are  sold  annually 

“They  can  do  several  things  you  can’t  do  from  the  net¬ 
work,  such  as  check  user  access  logs  or  who  touched  the 
financial  data  on  a  server,”  Pescatore  says. 

The  downside  of  host-based  offerings  is  that  computers 
have  to  be  idle  to  do  security  checks, says  Bill  Kline, 
senior  security  engineer  at  Paymentech,  one  of  the  high- 
volume  credit  card  processors  asked  by  MasterCard  (and 
Visa)  to  follow  new  guidelines  this  year.  Staff  must  careful¬ 
ly  schedule  inspections,  and  if  host-based  tools  aren’t 
used  correctly  they  can  damage  data  on  a  server,  he 
adds.  Paymentech  uses  Symantec’s  host-based  Enterprise 
Security  Manager  and  network-based  offerings  from 
KaVaDo  and  TruSecure  to  keep  its  600  servers  secure. 

Network-based  vulnerability  assessment  comes  in  the 
form  of  hardware,  software  or  services.  As  with  many  offer¬ 
ings,  vulnerability-assessment  services  are  a  good  option 
for  organizations  short  on  IT  staff  or  security  specialists. 

“We  had  constraints  with  resources,”  says  Dan  Klinger, 
manager  of  information  security  at  Hershey  Foods.  Using 
the  Qualys  service  lets  Hershey  centrally  scan  325 
Windows  NT  servers  and  125  Unix  servers  without  adding 
staff.  Hershey  also  is  developing  a  way  to  transfer  the 
Qualys  vulnerability-assessment  information  directly  into 
its  in-house  trouble-ticketing  system  from  Remedy  to 
build  an  integrated  workflow  process,  which  will  address 
patching  or  other  problems. 

Network-based  offerings  can  cost  from  a  few  hundred 
to  thousands  of  dollars  per  month,  depending  on  the 
number  of  IP  addresses  and  other  variables.  And  custom 
services  can  usher  in  customer-based  pricing.  MCI’s  Digex 
Web-hosting  unit  utilizes  Sanctum’s  AppScan  application 
scanner  and  Symantec’s  NetRec  as  well  as  the  host-based 
Enterprise  Security  Manager  as  part  of  a  custom  service. 
There’s  no  set  monthly  fee,  but  setup  starts  at  $10,000. 

Deploying  network-based  vulnerability-assessment  tools 
can  present  some  pitfalls. 

Problems  can  arise  when  scanning  internal  servers, 
desktops  and  public-access  Web  servers.That’s  because 
firewalls  and  other  means  of  blocking  off  sub-nets  are 
often  already  in  place  to  deter  this  kind  of  inspection. 

In  addition,  if  there’s  no  coordinated  staff  approach,  net¬ 
work  administrators  might  think  the  network  is  somehow 
under  attack  because  of  the  scans. 

“It  takes  special  coordination  with  the  intrusion-detec¬ 
tion  systems  and  the  firewall  people,” says  Don  Jankowski, 
manager  of  technology  risk  management  at  Xcel  Energy 
about  his  recent  experience  in  deploying  the  pro  Vizor 
Security  Risk  Measurement  network-based  scanner  from 
Black  Dragon  Software. 

It  took  Xcel,  the  fourth-largest  electricity  and  gas  energy 
company  in  the  U.S.,a  few  months  to  install  and  train  IT 
staff  to  begin  using  the  four  proVizor  appliances  it  pur¬ 
chased  to  scan  for  vulnerabilities  across  its  network  of 
800  servers  and  14,000  desktops  across  12  states. 

Jankowski  says  the  company  has  plans  to  do  a  com- 


I  IWe  believe  the  majority 
of  events  we  read  about 
with  worms  could  be 
averted  through  vulner¬ 
ability  assessment.  If 
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plete  scan  of  its  environment  every  quarter,  but  far  more 
frequently  for  critical  workstations.  Operating  systems  are 
being  scanned  first,  applications  next. 

Chuck  Bianco,  an  IT  examination  manager  in  Dallas  for 
the  U.S.Treasury  Department’s  Office  of  Thrift  Supervision 
agency  warns  that  network  scans  can  cause  disruptions, 
and  says  it’s  best  to  get  the  support  of  upper  management 
before  any  scan.  Bianco  says  he’s  seen  people  get  fired 
“because  it  blew  up.” 

Robert  Geiger,  director  of  Unix  administration  and 
security  at  Reader’s  Digest  Association, says  it’s  a  good 
idea  to  have  the  testing  provider  clearly  define  in  ad¬ 
vance  what  it  plans  to  do,  including  any  denial-of-service 
attacks.  And  if  the  question  comes  up,  say ‘no’ to  hiring 
hackers  past  or  present  as  a  matter  of  trust,  he  adds. 

Ken  Saruwatari,  product  manager  at  Foundstone,  which 
makes  the  Foundstone  Enterprise  scanner  used  mainly 
by  large  companies,  says  scans  can  be  traffic-intensive 
and  therefore  most  organizations  do  them  during  hours 
when  the  network  is  least  in  use  for  business  purposes. 

Network-based  vulnerability-assessment  products  are  in¬ 
creasingly  becoming  available  as  appliances,  which  can 
make  them  easier  to  deploy  than  host-based  software. 
Computer  Associates,  Foundstone  and  PredatorWatch  are 
among  the  companies  selling  such  boxes. 

Some  observers  say  going  with  host-  or  network-based 
tools  isn’t  necessarily  an  either/or  situation. 

“In  IT,  everyone  always  wants  one  tool  for  everything,” 
says  Anthony  Passaniti,  head  of  IT  security  for  the 
Armonk,  N.Y.,  Americas  division  of  global  reinsurance 
firm  Swiss  Re,  which  uses  a  variety  of  network-  and  host- 
based  tools.“But  a  skilled  craftsman  needs  a  tool  kit  with 
specialized  tools.” 

The  Swiss  Re  division  uses  Application  Security’s  net¬ 
work-based  AppDetective  for  its  databases  because  it 
focuses  on  database  vulnerability  checking,  Passaniti  says. 

Eric  Pulaski,  CEO  of  security  products  vendor  BindView, 
says  no  one  vendor  offers  it  all  in  vulnerability  assess¬ 
ment.  His  company  makes  host-based  vulnerability-assess¬ 
ment  agents  for  software  from  Check  Point,  Microsoft, 
Novell  and  others  as  well  as  a  network-based  tool  that 
can  be  used  to  locate  rogue  computers,  but  the  company 
doesn’t  have  an  agent  for  every  popular  application. The 
same  is  true  of  even  bigger  companies,  such  as  CA  and 
IBM,  he  says.B 


■■■ 


Xerox  WorkCentre*  Pro  advanced  multifunction  systems 
not  only  print  up  to  3x  faster  than  competition.  They’re  even 
smart  enough  to  give  your  productivity  a  colorful  new  twist. 

There’s  a  new  way  to  look  at  it. 


The  advanced  thinking  built  into  the  Xerox 
WorkCentre®  Pro  family  makes  them  the 
smartest  multifunction  citizens  working  on 
any  network.  They  don’t  just  scan,  copy,  fax,  and 
e-mail,  they  do  it  at  network  printing  speeds 
up  to  3x  faster  than  competition.  They  RIP  one 
job  while  printing  another,  so  work  gets  done 


faster.  And  their  Enhanced  Service  Program 
(ESP)  lets  you  fix  problems  before  they  happen, 
increasing  reliability.  And  now,  there’s  color.  The 
Xerox  WorkCentre®  Pro  40  prints  b&w  at  40  ppm; 
color  at  22  ppm.  It’s  one  more  way  our  full  line 
of  multifunction  systems,  printers,  and  digital 
copiers  help  you  get  more  out  of  your  network. 


Learn  more:  xerox.com/offfice/244  For  a  sales  rep:  1-800-ASK-XEROX  ext.  244 
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Your  company 
turns  to  you  for 
infrastructure 
security. 

So,  where  can  you  turn? 

Security  is  a  primary  concern  for  all  of  us.  That's  why  we've  developed  an  array  of  new  tools  and  guidance, 
centralized  at  microsoft.com/security/IT.  It's  a  resource  you  can  turn  to  for  timely  news,  education,  and  tools, 
all  intended  to  help  you  better  plan  and  manage  the  security  strategy  that's  right  for  your  company. 


at  microsoft.com/security/IT. 


Take  advantage  of  the  latest  tools  and  training 

Free  Security  Training 

Register  for  free  security  management  training, 
including  a  Security  Summit  in  a  city  near  you,  weekly 
security  Webcasts,  and  in-depth  e-learning  designed 
to  help  you  improve  your  security  infrastructure. 

Free  Tools  and  Updates 

Streamline  patch  management  with  free  tools 
such  as  Microsoft®  Software  Update  Services. 
Download  software  like  Microsoft  Baseline  Security 
Analyzer  to  verify  that  your  systems  are  configured 
to  maximize  security. 


Free  Emergency  Notifications 

Sign  up  to  stay  up-to-date  with  the  latest 
vulnerability  assessments,  mitigation  advice, 
and  patch  availability. 

Free  Security  Guidance  Kit 

Evaluate  detailed  guidance  and  templates, 
then  pre-order  your  free  CD-ROM  with  roadmaps 
and  how-to  guides.  Learn  how  measures  like 
automating  security  patch  installation  and 
blocking  unsafe  e-mail  attachments  can  help 
better  protect  your  organization. 


Go  to  microsoft.com/security/IT 


For  ongoing  guidance  to  help  better  plan  and  manage  your 
company's  IT  security,  go  to  microsoft.com/security/IT  today. 
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Global  Crossing  rolls  out  VoIP  services 


■  BY  DENISE  PAPPALARDO 

Global  Crossing  last  week  announced  a 
series  of  VoIP  offerings  for  business  users 
that  range  from  simple  transport  to  fully 
managed  VoIP  over  the  carriers  IP  VPN 
services. 

The  offerings  include  VoIP  On-net  Trans¬ 
port, VoIP  Outbound, VoIPToll  Free, VoIP  On- 
net  Plus  and  Managed  VoIP  Services. 

These  are  Global  Crossing’s  first  enter¬ 
prise  IP  telephony  services,  which  put  the 
carrier  behind  international  competitors 
Equant  and  Infonet  and  domestic  com¬ 
petitors  AT&T,  MCI  and  Sprint.  All  the  others 
have  VoIP  services  for  business  users,  and 
the  majority  have  offered  these  services  for 


■  SBC  last  week  said  it  will  turn  up 
Wi-Fi  service  in  thousands  of  UPS 
retail  stores  in  the  U.S.The  Free- 
domLink  service  will  let  mobile  pro¬ 
fessionals  use  laptop  computers  and 
PDAs  to  wirelessly  connect  to  the 
Internet.  FreedomLink  will  be  avail¬ 
able  in  more  than  1,500  UPS  stores 
and  MailBoxes  Etc.  locations  by  year- 
end,  with  installations  continuing 
through  2005.  The  monthly  charge  will 
be  $19.95  for  unlimited  access  to  all 
FreedomLink  hot  spots.  Day  session 
charges  will  be  $7.95  for  unlimited 
access. 

■  MCI  confirmed  last  week  that  it  is 
reducing  its  workforce  by  7.4%,  or  by 
about  4,000  employees.  Earlier  this 
year  the  company  announced  it  would 
eliminate  about  1,700  jobs  to  cut  costs. 
The  carrier  says  most  of  the  new  job 
cuts  will  be  in  MCl's  cali  centers,  and 
it  blames  the  layoffs  on  the  national 
"Do  Not  Call"  registry  that  prevents 
telemarketers  from  calling  people  on 
the  list.  MCI  is  closing  three  call  cen¬ 
ters  and  reducing  its  workforce  at 
three  others.  With  this  round  of  layoffs 
the  company  has  cut  more  than 
27,000  jobs  since  filing  for  Chapter  11 
bankruptcy  protection  in  July  2002. 
MCI  says  it  expects  to  emerge  from 
bankruptcy  in  April. 


well  over  two  years. 

But  while  VoIP  for  businesses  is  new  to 
Global  Crossing,  supporting  VoIP  is  not.The 
company  started  building  its  Multi-proto¬ 
col  Label  Switching-based  IP  backbone 
five  years  ago  using  Sonus  Networks  gear  to 
support  packetized  voice  traffic,  says 
Anthony  Christie,  chief  marketing  officer  at 
the  carrier. “We  were  Sonus’  first  customer/’ 
he  says. 

Global  Crossing  carries  2  billion  VoIP 
minutes  per  month,  Christie  says,  but  the 
majority  of  that  traffic  is  from  other  carri¬ 
ers.  Global  Crossing  hopes  that  statistic  will 
change  over  the  next  few  years  as  more 
companies  use  its  network  to  carry  VoIP 

This  was  an  important  point  in  the  carr¬ 
ier’s  restructuring  plan  filed  with  the  bank¬ 
ruptcy  court  last  year.  Global  Crossing 
emerged  from  bankruptcy  in  December 
after  Singapore  Technologies  Telemedia 
paid  $250  million  to  acquire  61.5%  of  the 
carrier. 

Now  with  bankruptcy  behind  it,  Global 
Crossing  is  moving  forward  with  new  offer¬ 
ings  for  corporations. 

The  carrier’s  On-net  Transport  service  lets 
users  deploy  their  own  IP  PBX  gear  and 
transport  packetized  voice  calls  over 
Global  Crossing’s  backbone  for  termina¬ 
tion  in  500  cities  in  50  countries.  While  the 
carrier  just  announced  this  service  last 
week,  it  has  supported  enterprise  users 
since  last  year. 

Carecentric,  a  software  development 
company  for  the  medical  industry  has 
used  Global  Crossing’s  service  since  June. 

“It  was  time  for  us  to  look  at  new  telecom 
equipment,  and  we  wanted  to  reduce 
costs,” says  Gene  Weiland,  director  of  MIS  at 
the  Atlanta  company  Weiland  deployed  an 
IP  PBX  and  IP  phones  from  Inter-Tel  and 
installed  Global  Crossing’s  On-net  Trans¬ 
port  service  to  support  35  remote  workers. 

Those  remote  workers,  living  in  cities 
across  the  country,  use  DSL  to  connect  to 
Carecentric’s  IP  PBX.  This  lets  Carecentric 
not  only  route  all  calls  between  sites  in  the 
southern  U.S.,but  also  lets  it  funnel  calls  to 
the  same  PBX  for  additional  cost  savings. 

For  example,  if  an  employee  in  Pbmp- 
ano  Beach,  Fla.,  calls  someone  in  Jack¬ 
sonville,  the  system  automatically  takes 
that  call  through  Atlanta  and  onto  Global 
Crossing’s  network  before  it’s  passed  off  to 
the  public  switched  telephone  network, 
Weiland  says.  This  lets  Carecentric  avoid 
intrastate  charges,  which  are  typically 
higher  than  interstate  charges. 

The  other  Global  Crossing  services  an¬ 


nounced  include: 

•  VoIP  Outbound,  where  the  carrier 
deploys  and  manages  IP  PBX  gear  for  its 
customers.  Global  Crossing  plans  to  sup¬ 
port  call  termination  in  240  countries,  up 
from  50,  with  its  transport  service. 

•VoIPToll  Free, which  will  let  users  route 
incoming  toll  calls  over  the  carrier’s  IP 
backbone.  Both  VoIP  Outbound  and  Toll 
Free  are  expected  to  be  available  this 
summer. 

•  VoIP  On-net  Plus,  which  will  let  cus¬ 
tomers  support  a  hybrid  telecom  environ¬ 
ment,  supporting  sites  with  traditional 
PBXs  and  sites  that  have  IP  PBX  gear. 
Customers  will  be  able  to  monitor  these 
networks  using  the  company’s  uCom- 
mand  network  performance  Web-based 
tool.  This  feature  is  expected  to  be  avail¬ 
able  by  year-end. 

•  Managed  VoIP  Services,  which  will  let 
enterprise  users  support  VoIP  traffic  on  IP 
VPN  links.  Global  Crossing  will  manage 
the  customer’s  router  and  IP  PBX  devices. 
The  service  is  expected  to  be  available  by 
year-end. 

Pricing  was  not  available.  ■ 


Why  users  are 
moving  to  VoIP 

According  to  a  Nemertes 
Research  study,  the  majority  of 
users  say  lowering  costs  is  the 
primary  reason  why  they  moved 
to  VoIP. 
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*Based  on  interviews  with  42  network  managers. 


Advocates  push  for 
network  neutrality  policy 


■  BY  GRANT  GROSS 

WASHINGTON,  D.C.  —  Internet  rights 
advocates  are  pushing  the  government  to 
adopt  policy  that  will  keep  the  Internet  and 
the  content  that  rides  on  it  free  from  the 
meddling  of  individual  ISPs. 

Proponents  of  a  federal  network  neutral¬ 
ity  policy  argued  at  a  recent  Consumer 
Federation  of  America  event  in  Wash¬ 
ington,  D.C.,  that  policy  is  needed  to  pre¬ 
vent  broadband  providers  from  restricting 
access  to  certain  content,  such  as  search 
engines,  or  prohibiting  use  of  specific  ser¬ 
vices,  such  as  VPNs. 

Long-time  Internet  guru  Vinton  Cerf,  a 
senior  vice  president  in  the  Data  and 
Information  Services  division  at  MCI,  and 
Lawrence  Lessig,  an  Internet  law  professor 
and  author,  support  such  a  policy 

“You  should  apply  this  test:  If  it  bothers 
you  when  China  does  it,  it  should  bother 
you  when  your  local  cable  broadband 
company  does  it,”  says  Andrew  McLaugh¬ 


lin,  senior  policy  counsel  at  Google. 

While  there’s  no  push  to  adopt  a  network 
neutrality  policy  in  Congress,  the  concept 
has  generated  debate  at  the  FCC  in  recent 
months.  In  February,  FCC  Chairman  Mic¬ 
hael  Powell  advocated  four  freedoms  for 
Internet  users,  including  the  freedom  to 
access  content  and  to  use  applications, but 
he  advocated  a  market-driven  approach  in¬ 
stead  of  a  national  policy 
But  others  say  the  Internet  is  at  risk  with¬ 
out  government  intervention.’This  Internet 
may  not  be  the  one  we  know  in  the  future,” 
says  FCC  Commissioner  Michael  Copps. 
“There  are  threats  out  there. . . .  Entrenched 
interests  are  already  jockeying  to  constrain 
the  openness  that  has  been  the  Internet’s 
defining  hallmark,  and  they  are  lobbying 
the  FCC  to  aid  and  abet  them.” 

Some  broadband  providers  and  critics  of 
Internet  regulation  say  a  government  policy 
isn’t  needed  because  broadband  providers 
don’t  discriminate  against  content. 

See  Policy,  page  34 
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CARRIERS 
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Regular  readers  of  this  column  know 
that  1  like  to  divide  carriers  into  band¬ 
width  providers  and  service  pro¬ 
viders.  The  latter  focus  on  delivering  solu¬ 
tions  while  the  former  provide  pipes. 

Here’s  the  funny  thing.  Remember  Gar¬ 
rison  Keillor’s  quip  about  every  child  being 
above  average?  Virtually  every  service 
provider  thinks  it’s  in  the  “solutions”  camp, 
but  IT  executives  violently  disagree.  In 
recent  Nemertes  benchmarks,  the  lowest 
three  ratings  for  all  service  providers  were 
in  billing,  service-level  agreements  (SLA) 
and  management. 

What  gives?  Why  do  carriers  find  it  so  dif¬ 
ficult  to  focus  on  customer  solutions?  And 
what  should  they  be  doing  about  it? 


Putting  the  ‘service’  back  into  service  provider 


For  service  providers,  the  critical  shift  lies 
in  recognizing  that  your  business  model 
has  fundamentally  changed.  If  you’re  a 
provider,  you’re  no  longer  selling  capacity 
on  a  network.  You’re  selling  capacity  in  a 
customer-service  organization. 

That  means  completely  rethinking  how 
you  approach  your  business,  at  every  step 
of  the  wayAssume  your  core  resources  are 
your  people  and  processes  —  not  your  net¬ 
work  infrastructure.  That  means  you  lose 
money  every  time  a  billing  statement  or  an 
SLA  is  contested,  or  a  circuit  wasn’t  provi¬ 
sioned  properly,  or  your  customer  experi¬ 
ences  an  outage.  Every  time  a  human 
being  gets  engaged  to  fight  fires,  in  other 
words, your  margin  takes  a  hit,  so  your  strat¬ 
egy  should  be  to  reduce  unnecessary  cus¬ 
tomer  interaction. 

How?  Automate.  Integrate.  Look  at 
every  interaction  —  system-to-system, 
human-to-system,  and  human-to-human 
—  and  assess  how  it  can  be  streamlined, 
improved  and  made  more  foolproof. Yes, 


it’s  an  investment,  but  it  pays  off  down¬ 
stream  big  time  in  reduced  human 
overhead. 

That  doesn’t  mean  failing  to  talk  to  your 
customers  —  au  contraire.  High-level 
interaction  is  necessary  and  desirable.  Use 
the  time  that  you’re  no  longer  spending 
on  reviewing  inaccurate  bills,  fixing 
flawed  circuits  and  troubleshooting 
chronic  problems,  to  learn  more  about 
your  customers’  business  requirements 
and  propose  innovative  solutions.  One  of 
the  biggest  complaints  IT  executives  have 
about  carriers  is  that  they  don’t  under¬ 
stand  the  IT  executives’  businesses.  One  of 
the  biggest  complaints  I  have  with  carriers 
is  they  fail  to  take  the  time  to  understand 
how  their  own  portfolio  of  products  might 
profitably  meet  customer  needs. 

In  summary:  Drive  down  your  unit  costs 
as  low  as  you  can  without  affecting  cus¬ 
tomer  service,  but  keep  in  mind  your 
“units”  are  engineer-hours  (not  megabits 
or  minutes).The  way  you  keep  them  low  is 


by  strict  adherence  to  well-thought-out 
processes  (and  ironically  by  paying  your 
thought  leaders  highly  competitive 
wages).  Focus  your  resources  on  under¬ 
standing  customer  requirements  and  cre¬ 
ating  highly  automated  and  highly  reli¬ 
able  systems  and  processes  to  deliver  on 
those  requirements. 

And  finally  don’t  expect  to  charge  your 
customers  for  your  own  operational  or 
business  enhancements.  Carriers  love  to 
try  to  “upsell”  customers  to  more  expen¬ 
sive,  higher-margin  managed  services  to 
justify  the  cost  of  the  automation  invest¬ 
ments.  Don’t  expect  customers  to  jump  for 
joy  at  the  prospect  of  paying  more.  You 
need  to  be  sure  your  managed  services 
offer  a  clear  and  compelling  value  propo¬ 
sition  to  them  (not  just  you). 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Lucent  unveils  wireless  multimedia  system 


■  BY  JIM  DUFFY 

Lucent  recently  unveiled  a  system  de¬ 
signed  to  enable  wireless  operators  to  offer 
VoIP  and  IP-based  multimedia  services. 

Called  Accelerate  IP  Multimedia  Sub¬ 
system  (IMS),  the  system  combines  gear 
from  Lucent  and  its  partners,  including 
Cisco,  IBM  and  BroadSoft.  IMS  is  targeted  at 
operators  of  3G  wireless  networks  designed 
for  data-centric  applications. 

IMS  is  based  on  IP  core  network  stan¬ 
dards  that  have  been  developed  by  the  3G 
Partnership  Project  and  3GPP2,  industry 
bodies  that  are  responsible  for  the  estab¬ 
lishment  of  3G  standards.  At  the  heart  of  the 
IMS  system  is  the  Lucent  Softswitch,  a  plat¬ 
form  that  manages  voice  and  multimedia 


Policy 

continued  from  page  33 

“The  proponents  of  network  neutrality 
regulations  have  yet  to  show  there’s  a  prob¬ 
lem,”  says  Brian  Dietz,  a  spokesman  for  the 
National  Cable  and  Telecommunications 
Association.“It’s  truly  a  solution  in  search  of 
a  problem.” 

The  marketplace  should  take  care  of  any 
discriminatory  policies  that  broadband 
providers  implement,  says  Adam  Thierer, 
director  of  telecommunications  studies  at 
the  Cato  Institute^  libertarian  think  tank. 

A  small  number  of  providers  did  try  to 
block  services,  such  as  open  Wi-Fi  access, 
but  consumers  protested  and  those  poli¬ 
cies  were  abandoned,  Thierer  says.  Broad¬ 
band  providers  that  attempt  to  institute 
such  restrictive  policies  now  would  lose 
customers,  he  adds. 

But  participants  at  the  discussion  insist 


communications  on  IP  networks. 

Another  element  is  Lucent’s  Super 
Distributed  Home  Location  Register 
(S-DHLR),  which  maintains  information 
such  as  subscriber  profiles  and  user  loca¬ 
tion  on  mobile  networks.  The  S-DHLR 
enables  the  creation  of  one  subscriber  pro¬ 
file  for  each  customer  and  all  the  services 
the  customer  uses,  in  contrast  to  the  tradi¬ 
tional  method  of  maintaining  individual 
subscriber  databases  for  each  service, 
Lucent  says. 

A  third  component  is  Lucent’s  MiLife 
applications  suite,  which  personalizes  ser¬ 
vice  delivery  and  billing. 

Among  the  non-Lucent  components  of 
IMS  is  Cisco’s  MGX  8000  series  Media 
Gateways.  These  ATM-based  switches  let 


there  is  a  need  for  a  network  neutrality  pol¬ 
icy  saying  it’s  not  a  big  step  to  anticipate 
owners  of  broadband  pipes  encouraging 
customers  to  use  applications  and  content 
provided  by  partners  and  discouraging 
competing  products.  It’s  not  a  “weird  fan¬ 
tasy”  to  imagine  a  broadband  provider 
blocking  Google  in  favor  of  its  own  search 
technology, saying  it’s  doing  so  to  provide  a 
better  quality  of  service,  Google’s  Mc¬ 
Laughlin  says. 

“When  you  hear  ‘quality  of  service,’  what 
you  should  do  is  raise  your  eyebrow  and 
ask  if  they’re  trying  to  piggyback  discrimi¬ 
nation  on  quality-of-service  arguments,” 
he  says. 

The  Internet  was  designed  to  allow  com¬ 
petition  and  let  the  best  products  and  con¬ 
tent  rise  to  the  top, says  Lessig.a  professor  at 
Stanford  University  and  author  of  a  new 
book,  Free  Culture. 

The  Internet’s  philosophy  is  “bring  your 


mobile  wireless  operators  trunk  voice 
between  their  mobile  switching  centers 
over  a  packet  network  instead  of  over 
leased  lines.  Cisco  says  this  can  reduce 
voice  trunking  costs  by  up  to  80%. 

IMS  also  includes  IBM’s  WebSphere  mid¬ 
dleware,  eServer  BladeCenter  servers  and 
Service  Provider  Delivery  Environment 
framework  and  applications.  Support  for 
WebSphere  in  IMS  ostensibly  will  tie  those 
applications  into  wireless  VoIP  and  multi- 
media  services.  IBM  also  has  a  WebSphere 
development  environment  for  telecom 
applications,  and  Lucent  says  the  two 
companies  are  working  on  fostering  inter¬ 
operability  between  that  and  IMS. 

IMS  also  supports  a  number  of  third- 
party  applications,  including  BroadWorks 


ideas,  and  if  your  ideas  are  great  we  will 
allow  them  to  flourish;  not  ‘bring  your  lob¬ 
byists  and  if  your  lobbyists  are  powerful 
enough  we  will  get  the  government  to  pro¬ 
tect  your  particular  business  model,”’ 
he  says. 

Many  attempts  to  block  Internet  content 
exist,  and  in  many  cases,  those  trying  to 
block  content  are  focusing  their  efforts  on 
the  transmission  capabilities  of  the 
Internet,  MCI’s  Cerf  says.  In  some  cases,  gov¬ 
ernments  outside  the  U.S.  have  tried  to 
block  Web  pages  or  Internet  applications 
by  jailing  or  suing  ISPs.  But  Cerf  also  gave 
examples  of  U.S.  courts  trying  to  stop  ISPs 
from  delivering  adult-themed  Web  pages. 

“Our  concern  is  choice,”  Cerf  says.  “Our 
concern  here  is  for  there  to  be  more 
choice  than  there  is  already  available.” 

Gross  is  a  correspondent  with  the  IDG 
News  Service  s  Washington,  D.  C.  bureau. 


from  BroadSoft,  an  integrated  suite  of 
hosted  PBX,  IP  Centrex,  residential  broad¬ 
band  and  collaborative  conferencing 
applications. 

According  to  analysts, although  the  roster 
of  IMS  components  and  contributors 
appears  comprehensive,  it  could  cause 
confusion  —  and  might  not  be  new 

“Lucent’s  introduction  formally  estab¬ 
lishes  its  intention  to  compete  in  this 
important  segment  of  the  market.  But 
Lucent  delivers  the  good  news  in  a  con¬ 
fused  laundry  list  of  products  and  part¬ 
ners,”  says  Ken  Rehbehn,  principal  analyst 
for  wireless  infrastructure  at  Current 
Analysis.  “Lucent  fails  to  deliver  a  simple, 
coherent  message  to  the  market.” 

Rehbehn  says  IMS  essentially  overlaps 
with  Lucent’s  PacketlN1  software,  which  is 
designed  to  let  service  providers  develop 
and  deliver  VoIP  applications  on  con¬ 
verged  voice/data  networks.  Lucent  says 
PacketIN  is  included  in  IMS  as  an  underly¬ 
ing  component  to  the  MiLife  applications. 

IMS  will  be  offered  under  Lucent’s  re 
cently  announced  High-Speed  Data  for  the 
Mass  Market  bundle. 

Pricing  was  not  available.  ■ 
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More  online! 

Attend  Wireless  LANs:  Gaining  Strength.  Reaching 
Farther,  a  now  Network  World  Technology  Tour  event. 

DocFinder  9932 


View  life  in  Lucent  3G. 


See  customer  demand 
grow  right  before  your  eyes. 

What  do  you  see  in  Lucent  3G?  Enterprises  demanding  solutions  to  increase  productivity. 
Consumers  clamoring  for  new  high-speed  services.  We  can  help  your  network  deliver  it 
all  to  generate  new  revenue.  With  Lucent,  you  get  more  than  proven  technology,  you  get 
the  knowledge  to  best  position  3G  services  to  your  customers.  Using  3G  business  modeling 
tools  developed  by  our  Bell  Labs,  you  can  better  quantify  ROI  and  validate  business 
decisions.  Lucent  enterprise  engagement  teams  can  also  work  with  your  sales  force  to 
show  enterprises  how  best  to  realize  the  potential  of  3G.  See  everything  your  3G  network 
can  be  at  www.lucent.com/3G  or  e-mail  us  at  mobility@lucent.com. 
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enterasys 

Networks  that  Know 


These  days,  no  network  is  free  of  threats.  That’s  why  you  have  to  assign  network  security  privileges  to  everyone. 
Employees,  customers,  and  partners.  You  need  to  set  an  acceptable  use  policy  that  dictates  what  each  of  them  can 
and  can’t  access.  Until  now,  you  had  to  do  this  manually. 

Not  anymore.  Now  you  can  do  what  Baylor  University  did.  Implement  an  Enterasys  Secure  Networks™  solution  with  a 
unique,  policy-based  system  that  empowers  the  network  to  allocate  resources  based  on  specific  users  and  their  roles.  The 
network  “sees”  who  the  user  is  and  assigns  privileges  accordingly.  This  improved  control  also  gives  you  more  security. 

It’s  all  about  giving  you  a  smarter  way  to  network  with  central,  intuitive  management.  Find  out  more  at 
networksthatknow.com/Baylor.  Or  ask  any  one  of  the  many  enterprise  customers  we’ve  worked  with  for  years. 


WHEN  IT  COMES  TO  ITANIUM  SERVERS, 
EVERYONE  ELSE  FOLLOWS. 


Introducing  the  fastest,  most  innovative  Itanium  2  servers  from  NEC  Solutions  America. 


Microsoft- 


Windows  Server  2003 
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NEC 


To  learn  more  about  NEC’s  Itanium  2  servers  and  download  the  free 


white  paper  go  to:  http://www.necsam.com/ia64-9  or  call  1 .866.632.3226 


Empowered  by  Innovation 


When  it  comes  to  Itanium'  2  servers,  no  one  has  more  experience  than  NEC.  NEC's  Express5800/1000  servers 
use  Intel  CPU  technology  combined  with  NEC's  own  platform  to  create  the  fastest  32-way  Itanium  2  server 
available.  With  the  advanced  processing  power  of  the  Itanium  2  chip,  the  Express5800/1 000  performs  up 
to  30%  faster  than  most  RISC  servers,  yet  it's  about  one-third  of  the  cost.  With  90%  of  the  leading  database 
applications  available  for  Itanium  2,  the  Express5800/1 000  will  also  dramatically  increase  the  performance 
of  your  data  center.  NEC's  Express5800/1 000  delivers  competitive  server  pricing,  high-speed  processing,  and 
high  scalability  across  your  network. 
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■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


IPMI  V2.0  eases  blade  management 


■  BY  STEVE  ROKOV 

High-performing,  reliable  systems  used  to 
have  one  drawback:  They  were  usually 
built  with  proprietary  components  that 
offered  little  or  no  interoperability  Server 
management  relied  on  proprietary  tools 
that  made  it  difficult  for  IT  to  manage 
multi-vendor  server  racks  and  blade 
servers.  A  standard  was  needed  to  tie  things 
together,  and  it  arrived  in  the  form  of  the 
Intelligent  Platform  Management  Interface. 

Server  vendors  developed  the  IPMI  stan¬ 
dard  for  cross-platform  system  manage¬ 
ment  starting  in  1998.The  standard  defines 
hardware  management  interfaces  that  let 
IT  managers  receive  status  alerts,  send 
instructions  to  servers,  and  access  various 
console  screens  to  diagnose  and  recover 
from  faults  over  a  network.  More  than  1 60 
vendors  adopted  IPMI  Version  1.5. 

The  latest  revision,  IPMI  Version  2.0,  was 
announced  in  February  and  is  backward- 
compatible.  The  most  notable  enhance 
ments  over  Version  1 .5  are  stronger  security 
and  standardized  console  access. 

At  the  heart  of  IPMI  is  a  dedicated  chip/ 
controller  —  sometimes  called  a  service 
processor  or  baseboard  management  con¬ 
troller  (BMC),  which  typically  sits  on  the 
system  motherboard  or  blade.  The  IPMI 
firmware  is  combined  with  the  BMC  to 
create  the  basis  for  a  stand-alone  platform 
management  subsystem. 

This  subsystem  works  regardless  of  the 
type  or  state  of  processors,  BIOS  or  operat¬ 
ing  system,  allowing  for  manageability, 
monitoring  and  recovery  even  when  the 
rest  of  the  system  is  unavailable. 

All  IPMI  functions  are  accomplished  by 
sending  commands  to  the  BMC,  using 
instructions  identified  in  the  specification. 


The  BMC  receives  and  logs  event  messages 
in  the  system  event  log,  and  maintains  a 
sensor  data  record  that  describes  the  sen¬ 
sors  in  a  system. 

A  separate  area,  for  the  field-replaceable 
unit,  stores  information  about  a  system’s 
hardware  components  that  also  can  be 
retrieved  —  useful  for  service  and  support 


as  well  as  asset  systems. 

IPMI  2.0’s  new  serial  over  LAN  (SOL)  fea¬ 
ture  is  helpful  when  remote  access  to  a  sys¬ 
tem  is  required. SOL  redirects  the  local  ser¬ 
ial  interface  over  an  IPMI  session,  allowing 
remote  access  to  Emergency  Management 
Services,  the  Special  Administration 
Console  for  Windows,  or  the  Linux  serial 
console. The  BMC  does  this  by  redirecting 


information  destined  for  the  serial  port 
over  the  LAN  —  offering  a  standard  way  to 
remotely  view  the  boot,  operating  system 
loader  or  emergency  management  con¬ 
soles,  irrespective  of  vendor,  to  diagnose 
and  repair  problems. 

New  user  logon  and  security  configura¬ 
tion  options  let  configuration  of  IPMI  secu¬ 


rity  and  performance  match  specific 
needs.  These  LAN  session  enhancements 
combined  with  new  payload  capabilities 
enable  multiple  types  of  management  traf¬ 
fic  (such  as  IPMI  and  SOL  —  encrypted  or 
unencrypted)  over  a  single  LAN  session. 

Enhancements  to  IPMI  authentication 
(Secure  Hash  Algorithm  1-  and  Keyed- 
Hashing  for  Message  Authentication- 


based)  and  encryption  (Advance  En¬ 
cryption  Standard  and  Arcfour)  help 
secure  remote  operations. Virtual  LAN  sup¬ 
port  facilitates  setting  up  management- 
only  networks  and  can  be  configured  on  a 
per-channel  basis. 

Hardware  vendors  can  implement  IPMI 
2.0  using  more-flexible  design  choices. 


Modular  extensions  provide  enhanced 
blade  replacement,  and  a  firmware  firewall 
supports  partitioning  and  protection  of 
management  between  blades  in  modular 
system  implementations. 

Rokov  is  director  of  marketing  for  OSA 
Technologies.  He  can  be  reached  at 
steve.  rokov@osatechnologies.  com. 


HOW  IT  WORKS 


IPMI  2.0 

The  Intelligent  Platform  Management  Interface  performs  hardware  management.  Because 
it  works  independent  of  the  operating  system,  administrators  still  can  access  and  recover 

systems  if  the  operating  system 


Baseboard/motherboard/blade 


Sensor  data  records 
Field  replaceable  unit 
data 

0  System  event  log 


IPMI 

baseboard 
management 
controller  (BMC) 


Sensors, 
monitoring  and 
control  circuitry 


doesn’t  respond  or  the  server  is 
powered  down. 

IPMI-enabled 
remote  console 


System  bus 


B,osqp 

Serial  port 


Boot 


LAN  port 


LAN 


i 


\  \  l  / 
Alert 
/  /  \  ' 


OThe  IPMI  BMC  sends  an  alert  to  the  remote  console  over  the  LAN  to  report 
that  the  operating  system  is  not  responding. 

©The  administrator  sends  a  request  to  the  BMC  to  retrieve  the  event  log  and 
sensor  data  to  diagnose  the  fault. 

©The  log  reports  that  a  CPU  overheated  after  a  fan  failed.  The  administrator 
sends  a  power-reset  command  to  the  BMC,  which  instructs  the  power  control 


Administrator's 

view 


circuitry  to  reboot  the  server. 

©The  BMC  redirects  the  boot  screen  as  it  is  being  sent  to  the  serial  port  and 
sends  it  over  the  LAN  connection  to  the  remote  administrator. 

©The  administrator  reboots  the  server  remotely  and  it's  back  online.  Service 
personnel  replace  the  fan  during  the  next  scheduled  downtime. 


Dr.  Internet 


By  Steve  Blass 


Is  there  a  utility  that  can  convert  an  Outlook  mail¬ 
box  folder  full  of  Web  server  log-file  reports  on  our 
Exchange  server  into  individual  text  files  on  my 
hard  drive  all  at  once? 

Check  out  the  free  Personal  Message  Store 
Export  Utility  (see  details  at  www.nwfusion.com, 
DocFinder;  1432).  Choose  the  folders  and  subfold¬ 
ers  you  want  to  extract  messages  from  using 
selection  lists  provided  in  the  program  dialog  and 


identify  the  directory  to  which  you  want  to  move 
the  extracted  messages.  Click  the  Export  button 
to  create  individual  text  files  from  the  e-mail  mes¬ 
sages  and  Outlook  mail  folders  you  select.  The 
program  names  files  by  subject  line  and  consecu¬ 
tively  numbers  messages  with  duplicate  subject 
lines.  It  does  not  export  attachments  by  default, 
but  you  can  change  the  settings  and  have  attach¬ 
ments  exported  to  the  directory  where  message 
files  are  written.  Alternative  methods  for  export¬ 


ing  Outlook  messages  and  attachments  are  listed 
at  DocFinder:  1434.  One  is  a  shareware  utility 
called  Outlook  Attachment  Sniffer  that  installs  in 
your  Outlook  toolbar  to  provide  buttons  for  export 
ing  all  attachments  in  a  foider  hierarchy  at  once 
(details  at  DocFinder:  1433). 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@ 
changeatwork.  com. 


www.nwfusion.com 
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Onfolio,  an  outstanding  Web  research  tool 
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One  of  the  most  common  problems 
with  Web  browsing  is  keeping  track 
of  what  you  look  at.  And  when  you 
actually  are  researching  something  on  the 
Web,  keeping  your  results  organized  is 
really  hard.  Over  the  years  we’ve  used  all 
sorts  of  tools  for  this  purpose,  but  we  just 
found  a  new  one  that  is  da  bomb. The  tool 
is  Onfolio  from  Onfolio,  Inc. 

Onfolio  is  a  utility  for  noting  or  capturing 
whole  Web  pages  or  fragments  of  pages.  It 
organizes  your  saved  Web  content  as  fold¬ 
ers  in  “collections,”  all  of  which  can  be 
searched.  And  for  those  of  you  working  col- 
laboratively  Onfolio  lets  you  publish  your 
saved  contents  in  various  ways,  which  we’ll 
discuss  in  a  moment. 

After  a  quick  and  painless  install,  On- 
folio’s  services  can  be  found  in  the  Ex¬ 
plorer  Bar  (that’s  the  optional  pane  to  the 
left  of  the  main  browser  window)  in  Inter¬ 
net  Explorer.  Onfolio  splits  the  Explorer  Bar 
into  a  row  of  buttons  at  the  top  with  two 
sub-panes  below. 


The  buttons  provide  file  functions  (ere 
ate,  modify  and  delete  collections,  as  well 
as  export  and  import  saved  content);  edit 
functions  (operations  on  individual  saved 
content  items);  publishing  services;  help 
options  (including  a  “Suggest  a  feature  ...” 
—  more  products  should  have  this);  and 
Web  page  content  capture  options. 

You  can  capture  content  as  links,  entire 
pages  or,  if  part  of  a  page  is  highlighted,  as 
a  “snippet”  with  or  without  its  current  for- 
matting.You  also  can  add  comments  as  you 
save, and  Onfolio  automatically  records  the 
source  of  the  captured  material. 

The  top  sub-pane  has  tabs;  the  first  tab 
shows  the  collections,  folders  and  subfold¬ 
ers  that  store  your  saved  content,  and  the 
other  tab  presents  the  search  dialog.  If  you 
select  the  collections  tab  in  the  lower  sub¬ 
pane  it  lists  the  items  that  are  in  the  cur¬ 
rently  selected  folder,  and  if  you  select  the 
search  tab  it  shows  the  results  of  a  search. 

Onfolio’s  publishing  facilities  are  very 
powerful;you  can  publish  individual  items, 
folders,  collections  or  search  results  by 
e-mail.  For  an  even  more  polished  delivery 
you  can  create  custom  reports  using  On¬ 
folio  Publisher,  which  comes  with  Onfolio 
Professional  Edition.  The  Professional  util¬ 
ity  provides  an  editing  environment  in 
which  you  can  drag  and  drop  saved  items 


onto  a  report  page,  add  comments  and 
links  to  other  resources,  and  add  contents 
and  graphics.You  then  can  publish  Onfolio 
reports  as  Web  content  (Onfolio  Publisher 
automatically  creates  the  folders,  files, 
hyperlinks  and  even  a  Rich  Site  Summary 
[RSS]  feed). 

Onfolio  Publisher  is  an  impressive  and 
sophisticated  tool.  It  contains  all  the  con¬ 
tent-formatting  commands  you’re  likely  to 
need  (bulleting,  lists,  text  attributes  and 
the  like),  spell  checking  and  preview  in 
browser  support.  It  also  can  create  an 
e-mail  with  the  report  attached,  save  the 
report  to  the  local  file  system  or  launch  an 
built-in  FTP  client  so  you  can  publish  the 
report  (and  its  associated  RSS  file)  to  a 
Web  server. 

Interestingly  Onfolio  reports  are  MIME 
Encapsulation  of  Aggregate  HTML  Docu¬ 
ments  (MHTML)  files,  which  means  they 
have  the  content  of  items  embedded  in 
them.  For  details,  see  RFCs  2110  (www. 
nwfusion.com,  DocFinder:  1428),  2111 
(DocFinder:  1429), 21 12  (DocFinder:  1430), 
and  2557  (DocFinder:  1431). 

RFC  2557  summarizes  the  standard  as:“In 
order  to  transfer  a  complete  HTML  multi- 
media  document  in  a  single  email  mes¬ 
sage,  it  is  necessary  to:  a)  aggregate  a 
text/html  root  resource  and  all  of  the  sub¬ 


sidiary  resources  it  references  into  a  single 
composite  message  structure;  and  b) 
define  a  means  by  which  URls  in  the 
text/html  root  can  reference  subsidiary 
resources  within  that  composite  message 
structure.” 

When  this  encapsulation  method  is 
applied  to  HTML  content  we  get  MIME  En¬ 
capsulation  of  Aggregate  HTML,  or  MHTML, 
so  an  email  client  or  a  browser  can  render 
page  content  without  having  to  retrieve  the 
resources  from  network  servers.  In  effect, 
MHTML  content  appears  as  a  mini  Web  site 
embedded  in  one  file. 

MHTML  is  widely  supported.  For  exam¬ 
ple,  MS  Office  XP/2002,  MS  Office  2000  Web 
archive  add-in,  MS  Internet  Explorer  and 
many  other  utilities  can  save  content  as 
MHTML  archives  (these  usually  have  an 
extension  of  .mht). 

Onfolio  is  terrific,  and  the  only  thing  we 
could  hope  for  is  that  the  firm  extends  On- 
Folio’s  features  to  allow  for  the  capture  of 
content  from  other  applications,  such  as 
the  Microsoft  Office  suite.  Onfolio  also  is 
an  exceptional  value  at  only  $30  for  the 
Standard  and  $80  for  the  Professional 
Edition. 

Save  your  thoughts  to  gearhead@ 
gibbs.com. 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Thin  is  in  for  these  three  gadgets 


Product  name:  SyncMaster  172x  LCD  monitor 
Company:  Samsung 
Price:  $600 

What  it  does:  This  LCD  monitor  has  a  very  slim  and  light¬ 
weight  design,  dual  inputs  for  analog  or  digital  video,  and 
a  very  fast  response  rate  (12  millisec)  for  gaming  and  other 
video  applications.  Its  overall  look  is  very  uncluttered, 
thanks  to  a  design  feature  that  lets  you  hide  the  connect¬ 
ing  cables  behind  the  monitor. The  monitor  offers  a  500:1 
contrast  ratio,  270  nits  of  brightness  and  viewing  angles  of 
160  degrees  horizontally  and  140 
degrees  vertically 
Why  it’s  cool:  We  were  im¬ 
pressed  by  how  slim  the  monitor 
is.  Controls  to  adjust  the  picture, 
brightness  and  the  like  are 
under  the  display  instead  of  on 
the  face  of  the  monitor.  The 
172x  has  a  dual-hinge  design 
that  lets  users  fold  the  moni¬ 
tor  for  easy  transport,  and 
height  and  tilt  can  be 
adjusted  for  maximum 
comfort.  We  were  irnpres- 


Samsung's  monitor  won  us  over  with  its 
ultra-slim,  clean  design  and  impressive 
performance  for  playing  games. 


sed  with  the  performance  when  play¬ 
ing  a  game  or  watching  a  movie.  For 
companies  looking  to  save  space  on  a 
desk  (in  situations  where  multiple  mon¬ 
itors  are  needed),  the  172x  is  worth  a 
look  for  its  impressive  thin  design  com¬ 
bined  with  a  1 7-inch  view.  Wall-  and  arm¬ 
mounting  brackets  add  to  the  options. 

Grade:  (out  of  five) 

Product  name:  Gmini  220 

Company:  Archos 

Price:  $350 

What  it  does:  This  is  Archos’  answer  to  Apple’s  iPod. 
Primarily,  it’s  a  20G-byte  USB  hard  drive  that  can  play  music 
(MP3, Windows  Media  Audio  and  WAV  files),  record  music 

via  a  built-in  microphone  and 
display  photos  on  a  2.5-inch 
black-and-white  LCD  screen. The 
Gmini  220  also  has  a  line-in/out 
jack  for  connecting  to  external 
stereo  components  and  a  Com¬ 
pact  Fash  slot  for  transferring  pho¬ 
tos  into  the  device,  letting  you 
bypass  the  PC  altogether. 

Why  it’s  cool:  We’re  fans  of  Archos, 
and  the  Gmini  220  is  a  huge  improve 
ment  over  the  first-generation  Archos 
Jukebox.  One  gets  the  same  storage  in 
a  much  smaller  and  lighter  unit,  with  a 
much  more  readable  and  information- 
rich  display  (for  example,  full  song 
information  and  format,  encoding  rate 
and  left/right  balance  display). The  hard- 


Archos'  new  Gmini  220  keeps  all  the  power  but 
cuts  way  down  on  size  and  weight. 

ware  supports  Windows  Media,  a  for¬ 
mat  widely  supported  for  music  down¬ 
loads.  The  integration  with  Music- 
Match  software  was  OK,  but  we  found 
using  the  Gmini  as  a  hard  drive  and 
dragging  the  files  to  it  directly  was 
much  faster. 

Grade:  ★★★★ 

Product  name:  inMotion  Portable  Audio 

Company:  Altec  Lansing 

Price:  $150 

What  it  does:  If  you’ve  invested  a  lot  of  time  putting 
music  onto  an  iPod  or  other  MP3  player,  you  probably 
have  noticed  that  you  have  to  use  headphones  to  listen 
to  music.  The  inMotion  Portable  Audio  system  lets  you 
share  music  via  a  very  portable,  lightweight  speaker  sys- 
tem.The  system  runs  on  four  AA  batteries  or  the  included 
power  adapter,  which  also  can  recharge  your  iFbd  (the 
newer  models  that  include  the  docking  port)  while  you 
listen.  An  adapter  also  is  included  that  lets  you  connect 
older  iPod  devices  and  other  MP3  players  through  an 
auxiliary  port  (but  without  the  recharging  capabilities). 

Why  it’s  cool:  This  is  a  great  accessory  to  let  others  hear 
all  those  playlists  you’ve  been  creating,  and  the  small 
design  gives  you  a  great  on-the-go  speaker  system  to  bring 
the  music  anywhere.  The  speakers’  design  complements 
the  iPod,  and  the  sound  quality  is  excellent. 

Grade:  ★★★★★ 

Multimedia  Editor  Jason  Meserve  contributed  to  this 
report.  Shaw  can  be  reached  at  kshaw@nww.com. 


FOR  SECURITY  REASONS, 
WE’RE  RESTRICTING 
THE  MOVEMENTS  OF 
YOUR  MOBILE  USERS. 


Policy-monaged  connectivity 
that  doesn’t  limit  how 
or  where  they  work. 

Now,  everywhere  is  There. 


Can  you  guard  your  corporate  network 
without  grounding  your  mobile  workforce? 
With  iPass,  they’re  good  to  go.  The  iPass 
Endpoint  Policy  Management  service  makes 
sure  users  are  updated  with  the  right  security 
measures  before  they  log  on,  automatically 
finding  and  fixing  problems  on  the  fly.  So 
you  can  stop  worrying,  and  your  workers  can 
keep  working — everyThere  they  go. 

<02004  iPoss  Inc.  All  Rights  Reserved. 

iPoss  ond  the  iPoss  logo  ore  registered  trodenorks  of  iPoss  Inc. 


Get  the  iPass  Security 
Best  Practices  Guide. 

www.iPassIsThere.com 


iPass 


Enterprise  Connectivity  Services 
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EDITORIAL 

Jeff  Caruso 

IBM  shifts 
the  balance 
of  Power 

If  IBM’s  latest  strategy  takes  hold,  the  way  we  all  think 
about  processors  is  about  to  change, 
i  don’t  think  the  industry  at  large  is  quite  ready  to 
think  in  the  new  terms.  1  certainly  wasn’t,  but  then  again 
it's  been  about  a  decade  since  1  directly  covered  IBM  and 
its  servers. 

When  I  went  to  IBM’s  press  event  last  week  in  New  York, 

I  saw  the  same  faces  I  did  10  years  ago.  Irving  Wladawsky- 
Berger  and  Nicholas  Donofrio  still  are  heading  up  the 
server  operations  —  a  bit  grayer,  perhaps,  but  also  proud 
of  their  accomplishments  since  launching  the  Power  RISC 
processor  in  1990. 

I  expected  the  kind  of  processor  announcement  I 
would  have  attended  back  then  —  speeds,  feeds,  capa¬ 
bilities  of  a  new  generation  of  processor.  And  in  fact, 
rumors  were  swirling  before  the  event  that  IBM’s  highly 
anticipated  Power5  would  officially  be  unveiled.  (It 
wasn’t.) 

But  IBM  had  a  different  story  altogether  (www.nwfu 
sion.com,  DocFinder:  1447).  Over  the  past  decade,  the 
company  apparently  has  learned  from  open  movements 
such  as  Linux  and  Java  and  now  is  asking  how  these 
philosophies  might  be  applied  to  processors. 

The  reason  for  the  openness  is  this:  IBM  has  seen  the 
writing  on  the  wall. The  processor  speed  increases 
we’ve  become  accustomed  to  are  going  to  become 
physically  impossible  because  those  advances  stem 
from  making  transistors  ever  smaller.  Eventually,  you’re 
dealing  with  individual  atoms,  and  you  can’t  get  smaller 
than  that. 

There  is  still,  however,  a  way  to  make  applications  run 
faster:  Move  the  applications  into  the  chip  itself. 

That’s  where  the  open  initiative  comes  in. Third  parties 
can  license  IBM’s  Power  chip  design,  add  in  their  own 
application-specific  magic  and  produce  a  new  chip  with 
all  the  goodness  baked  right  in. 

Think  of  network  gear  that’s  fast  because  it  uses  a  RISC 
processor  and  ASIC  chips  —  only  the  gear  is  even  faster 
because  the  RISC  processor  and  ASICs  are  now  one  and 
the  same  chip,  cutting  down  on  communications  time 
between  the  different  elements  in  the  box. 

IBM  has  its  work  cut  out  for  it  in  explaining  this  brave 
new  world  of  processors.  The  company  last  week  talked 
about  education  and  released  tools  to  help  developers. 
But  it’s  a  long  road  from  here  to  the  thriving  ecosystems 
we’ve  seen  with  Linux  and  Java,  and  these  are  only  first 
steps.  In  the  meantime,  the  world  is  still  waiting  for 
Power5. 

—  Jeff  Caruso 
Managing  editor,  online  news 
jcaruso@nww.  com 
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opinions! 


Nightmare  or  regulation? 

Mark  Gibbs’  Backspin  column  “Nightmare  or  regu¬ 
lation,  your  choice”  (www.nwfusion.com,  Doc- 
Finder:  1423)  elicits  no  wild  cheering  or  howls  of 
protest  here,  but  what  could  best  be  described  as 
a  sigh  of  resignation.  The  IT  industry  as  a  whole 
needs  to  get  its  act  together  and  come  to  the 
understanding  that  fragmentation  damages  our 
collective  reputation.  This  is  unlikely  to  happen 
simply  because  most  companies  are  profit-driven 
entities  and  product  differentiation  tends  to  pro¬ 
duce  profits  in  the  short  term.  Until  there  is  a  shift 
in  profit  taking  to  the  long  term,  there  will  be  no 
industry  push  to  stabilize  features  or  interoperabil¬ 
ity.  That  means  the  government  will  have  to  step  in 
sometime  before  the  whole  thing  becomes  a  mess 
we  can’t  clean  up.This  really  stinks  because  I’ve  yet 
to  find  an  excellent  example  of  the  government 
legislating  behavior  that  is  fair,  balanced  and  free 
from  prejudice.  Somebody  always  loses,  and  often 
it’s  a  little  guy  with  a  great  idea,  for  lack  of  lobby¬ 
ing  power. 

I  challenge  the  IT  industry  as  a  whole  to  make  a 
case  that  their  products  would  be  relevant  or  usable 
without  standards  and  interoperability  require- 
ments.They  should  embrace  the  fact  that  some  uni¬ 
formity  is  a  good  thing.  Imagine  how  costly  it  would 
be  to  sell  an  electronic  product  if  you  had  no  idea 
what  power  interface  was  available?  The  two-prong 
grounded  outlet  that  provides  1 10  volts  at  60  cycles 
makes  the  whole  process  much  easier  and  makes 
products  saleable  to  a  much  larger  audience  at  a 
lower  cost.  Uniformity  can  offer  economies  of  scale, 
and  interoperability  can  offer  long  product  life 
cycles  with  less  waste. 

Chad  Dailey 
Lincoln,  Neb. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


I’d  be  more  in  favor  of  an  accountability  system  than 
government  regulation.  Let  the  world  have  recourse 
if  such  a  catastrophe  happens.  Require  that  such 
“cultural  infrastructure”  software  come  with  war¬ 
ranties  and  liabilities  if  it  doesn’t  perform  for  the 
intended  purpose. 

Prices  might  go  up,  but  at  least  you  know  why  and 
that  the  price  increases  would  reflect  the  real  cost  of 
cultural  infrastructure.  Instead  of  government  regu¬ 
lation,  I’d  much  rather  have  this  driven  by  responsi¬ 
ble  parties  who  have  some  skin  in  the  game. 

The  interesting  part  is  that,  in  either  case,  Microsoft 
(and  other  proprietary  software  vendors)  would  be 
required  to  have  their  code  audited  and  bugs  vetted 
at  customer/taxpayer  expense.That  wouldn’t  bother 
me  too  much  if  that  code  was  then  open  to  the  pub¬ 
lic,  but  it  wouldn’t  be  —  and  Microsoft  would  make 
even  more  money  at  our  expense  going  forward, 
which  would  bother  me  the  most. 

It  seems  like  a  perfect  niche  for  open  source.  If 
we  pay  vendors  to  fix  their  proprietary  code,  it  will 
mostly  benefit  vendors.  But  if  we  pay  vendors  to 
replace  the  cultural  infrastructure  problem  itself.it 
will  benefit  society  more  both  in  the  short  and 
long  term.  Doesn’t  seem  like  too  much  of  a  stretch 
when  looking  at  the  ROI,  but  still  doesn’t  answer 
the  accountability  issue.  However,  if  the  U.S.  wants 
to  continue  to  be  an  intellectual  powerhouse 
among  nations,  this  is  one  way  to  do  it,  much  as 
highways  and  dams  made  it  the  industrial  power¬ 
house  of  the  world. 

Toby  Meehan 
Milwaukee 

Sure,  declare  Windows  a  critical  cultural  infrastruc¬ 
ture  item  and  regulate  the  daylights  out  of  it.  Then 
we’ll  have  a  Windows  with  the  efficiency  and 
dynamism  the  likes  of  Amtrak.the  U.S. Postal  Service, 
cable  television  and  the  RBOCs.  Great  idea. 

Jeff  Steinport 
Grand  Rapids,  Mich. 


More  online!  www.nwftision.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder;  1421 
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LEGAL  ISSUES 

Laura  McDonald  and  Hank  Levine 


VoIP  and  your  telecom  contract 


Many  users  are  testing  and  evaluating  VoIP  options.  As  you  con¬ 
sider  items  that  could  affect  the  cost  of  transitioning  to  VolR 
don’t  overlook  a  critical  factor  right  in  front  of  you  — your  tele¬ 
com  contract.  Before  you  invest  in  VoIRmake  sure  that  moving  your  tra¬ 
ditional  voice  traffic  to  VoIP  will  not  increase  your  costs  in  ways  you 
might  not  have  anticipated. 

First,  does  your  contract  specify  a  minimum  commitment?  Many 
agreements  have  monthly,  annual  or  term  minimum  purchase  com¬ 
mitments.  If  moving  your  voice  traffic  results  in  falling  short  of  these 
commitments,  you  could  be  subject  to  a  number  of  unanticipated 
costs.  Many  commitment  clauses  are  versions  of  take-or-pay,  meaning 
that  if  you  don’t  use  the  services,  the  carrier  could  come  after  you  for 
all  (or  most)  of  the  shortfall  amount. 

Some  contracts  are  written  so  that  in  addition  to  a  shortfall  penalty, 
you  lose  discounts,  theoretically  letting  the  vendor  raise  your  rates  on 
both  current  and  previous  usage.  Ouch. 

Second,  find  out  if  you  have  any  traffic  ratio  commitments  or  mon¬ 
itoring  conditions.Do  you  have  a  commitment  that  a  certain  amount 
of  your  traffic  be  international  or  interstate?  If  you  move  legacy  voice 
traffic  to  VolPyou  could  upset  those  balances  and  not  meet  your  re¬ 
quirements,  with  potentially  catastrophic  results.  Similarly,  check  to 
see  if  your  contract  has  requirements  about  duration  of  average  call. 
Some  contracts  make  rates  (especially  inbound  rates)  contingent  on 
an  average  call  duration  of  a  certain  number  of  minutes.  Again,  if  you 
move  certain  traffic  to  Volf?  you  could  fall  below  this  average  and 
lose  your  discounts. 

You  might  be  able  to  get  around  these  and  similar  problems  if  you 


negotiate  specific  protections  into  your  telecom  agreements  or  limit 
your  VoIP  rollout.  So  if  you’re  in  the  process  of  negotiating  a  new  tele¬ 
com  agreement  and  are  considering  a  move  to  VolR  make  sure  you 
take  these  steps: 

•  Build  a  sufficient  buffer  in  your  commitment  to  let  you  move  traffic 
without  putting  you  in  jeopardy  of  missing  the  commitment. 

•  Make  sure  you  can  meet  any  jurisdictional  or  duration  commit¬ 
ments  once  you  move  your  traffic. 

•  Ask  for  and  invest  time  in  negotiating  a  good  technology 
change/transfer  clause.  The  carriers’  clauses  are  worthless  —  they 
commit  the  carriers  to  nothing  more  than  a  conversation.  A  well-writ¬ 
ten  technology  migration  clause  can  help  you  minimize  or  avoid  lia¬ 
bility  for  shortfall  if  you  move  to  a  new  technology 

•  Don’t  overlook  clauses  that  apply  only  to  data  services  —  remem¬ 
ber,  VoIP  looks  like  a  data  service.  If  you’re  going  to  send  voice  traffic 
over  a  managed  Internet  service  or  Multi-protocol  Label  Switching, 
determine  whether  the  vendor’s  acceptable  use  policy  applies  to  your 
voice  traffic.  If  so,  determine  whether  it  is  overly  broad  and  lets  the  ven¬ 
dor  shut  you  down  for  seemingly  minor  violations. 

By  thinking  ahead, you  can  avoid  some  nasty  surprises.You  want  your 
new  VoIP  service  to  work  and  be  cost-effective.  Advanced  planning  can 
help  on  both  fronts. 

McDonald  and  Levine  are  partners  at  Levine,  Blaszak,  Block  <£ 
Boothby,  LLB  a  law  firm  that  specializes  in  negotiating  telecom  and 
technology  agreements  for  enterprise  customers.  They  can  be  reached 
at  lmcdonald@lb3law.com  and  hlevine@lb3law.com,  respectively. 


Make  sure  that 
moving  your 
traditional 
voice  traffic  to 
VoIP  will  not 
increase  your 
costs  in  ways 
you  might  not 
have  anticipated. 


CACHE  ADVANCE 

Linda  Musthaler 


t’s  been  a  long  time  since  I  read  Dale 
Carnegie’s  book  How  to  Win  Friends  and 
Influence  People,  but  I’m  pretty  sure  there 
wasn’t  a  chapter  called  “Win  new  business  by 
suing  everyone.”  Perhaps  we  should  buy  a  few  cases  of  the  book  and 
spread  them  around  the  executive  offices  at  The  SCO  Group,  the  com¬ 
pany  that  has  gone  Linux  lawsuit-happy  as  of  late. 

In  addition  to  suing  fellow  IT  vendors  such  as  IBM  and  Novell,  SCO  is 
now  going  after  users  such  as  AutoZone  and  DaimlerChrysler.  I  guess 
SCO  CEO  Dari  McBride  and  his  colleagues  have  concluded,  “If  you 
can’t  join  them,  beat  them.”  Beat  them  with  a  stick,  that  is. 

McBride  says  SCO  tried  to  settle  the  matter  of  intellectual  property 
rights  amicably  by  licensing  its  technology  through  a  program  called 
SCOsource.When  that  didn’t  work,  the  company  resorted  to  the  courts 
to  enforce  its  alleged  rights. While  I’m  100%  behind  the  notion  of  being 
paid  for  your  intellectual  property  in  this  case  there’s  some  serious 
doubt  to  SCO’s  claim. 

The  premise  of  the  lawsuits  is  SCO’s  claim  to  be  the  rightful  owner  of 
Unix,small  parts  of  which  might  have  made  their  way  into  open  source 
Linux  code. SCO  asserts  that  any  company  selling  or  using  Linux  is  vio¬ 
lating  SCO’s  intellectual  property  rights.  In  reality  many  of  these  decla¬ 
rations  are  in  dispute. 

The  open  source  community  denies  that  any  parts  of  Unix  were  used 
in  developing  Linux.  Novell  says  it  owns  the  disputed  rights  to  the  Unix 
code.  IBM  is  fighting  SCO’s  claim  that  IBM  misappropriated  copyrighted 
Unix  source  code.  And  Red  Hat  is  suing  SCO,  claiming  unfair  and 
deceptive  actions  in  its  assertions  of  copyright  infringements. 

In  my  opinion.SCO  took  some  bad  advice  and  is  working  off  a  pretty 
tenuous  business  plan  today  A  lot  of  puzzle  pieces  have  to  be  sorted 
out  in  court  before  SCO  can  claim  victory.  I  have  my  doubts  whether 
SCO  can  survive  in  the  meantime.  SCO  says  it  has  two  primary  sources 
of  revenue:  sales  of  its  Unix  software  (OpenServer  and  UnixWare),  and 
licensing  of  its  Unix  code  and  derivative  works.The  former  is  in  decline. 


SCO  business  ‘plan’  is 


and  the  latter  has  yet  to  take  off.  And  the  lawsuits  have  made  SCO  an 
industry  pariah  (see  www.nwfusion.com,  DocFinder:  1424). 

By  SCO’s  admission  in  its  January  Form  10-Q  filing  to  the  Securities 
and  Exchange  Commission, “The  decline  in  our  Unix  business  revenue 
may  be  accelerated  if  industry  partners  withdraw  their  support  as  a  re¬ 
sult  of  our  SCOsource  initiatives  and  in  particular  any  lawsuits  against 
end  users  violating  our  intellectual  property  and  contractual  rights.” 

Thank  heavens  Microsoft  still  sees  lots  of  value  in  SCO’s  business. 
Microsoft  has  paid  SCO  for  the  license  rights  to  the  Unix  technology  “to 
ensure  interoperability  and  legal  indemnification  for  our  customers,”  a 
Microsoft  spokesperson  says.  Certainly  it  wouldn’t  be  to  slow  down  the 
adoption  of  Linux,  a  leading  rival  to  Windows,  would  it?  We  now  know 
that  Microsoft  senior  executives  influenced  the  $50  million  investment 
that  BayStar  Capital  made  in  SCO  last  October,  although  the  exact  rea¬ 
sons  for  this  investment  aren’t  clear. 

CIOs,  rightfully,  are  keeping  a  wary  eye  on  the  developments  sur¬ 
rounding  the  intellectual  property  rights  issue.  Companies  with  vast 
stakes  in  Linux,  such  as  HP  and  Novell,  are  offering  to  indemnify  their 
customers  against  lawsuits, should  they  erupt. 

I  might  have  more  empathy  for  SCO  if  it  actually  had  developed  the 
Unix  code  in  question.  Instead,  the  company  (claims  to  have)  gained 
the  rights  to  the  Unix  intellectual  property  through  a  fortuitous  acqui¬ 
sition.  In  its  decades-long  history,  there  have  been  many  disputes  over 
who  really  owns  Unix. 

It’s  sad  that  SCO  had  the  opportunity  to  turn  itself  into  a  competitive 
purveyor  of  Unix  and  Linux  but  instead  decided  to  make  its  money 
through  scare  tactics  and  the  courts. The  company  better  turn  a  profit 
soon, or  there  might  not  be  an  SCO  left  to  continue  the  fight.  I  just  hope 
there’s  enough  money  left  over  for  McBride  to  buy  his  own  copy  of 
Carnegie’s  book. 

Musthaler  is  vice  president  of  Currid  &  Company,  a  Houston  tech¬ 
nology  assessment  firm.  She  can  be  reached  at  linda@currid.com. 
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In  fact,  75%  of  larger 
expected  to  consolidate 
storage  this  year,  according  to  IDC. 
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if  Hi  ,  1  f-) £3  “The  goal  of  consolidation  is  to  cut 

*1 1  1  I  (jl  ^  costs," says  Gordon  Haff, a  senior  analyst  at  Ilfumihlla  “ 

there  are  a  number  of  different  ways  to  do  that,  depending  on  ; 

^  business  goals, your  applications, your  existing  skill  sets  and  your  environ* 

There  is  no  ‘right  way’  to  consolidate.” 

If  you’re  starting  with  many  small-scale  Windows  servers,you  could  central^ 
ize  onto  fewer  servers,  using VM Ware’s  VM Ware  to  more  flexibly  provide 
hardware  resources.  Or  you  can  use  blade  servers  for  physical  consolidate 
on  one  rack  with  a  unified  management  across  the  blades. 

In  the  Unix  world,  HPIBM  and  Sun  offer  large  servers  that  can  be 
tioned.  Or  you  can  go  with  a  few  clustered  machines. 

The  goal  is  not  simply  reducing  the  number  of  servers;  it’s  making  your 
data  center  easier  to  manage.  With  that  in  mind.  Meta  Group  suggests^ 
phased  approach. Step  one  is  to  collocate  your  servers. Second  is  to  < 
solidate  your  storage  onto  storage-area  networks  (SAN). 

At  that  point  you  need  to  reduce  the  variety  of  applications  anr^ 
servers  and  decide  what  to  keep,  what  to  get  rid  of  and  wh« 
replace,  says  Gartner  analyst  Philip  Dawson.  Equally  important  is 
investing  in  management  tools  to  improve  technician-to-server 
ratios,  Dawson  says. 

All  of  these  points  are  illustrated  in  the  following  case  studies,  -  r' 

Brundel  is  a  freelance  writer  in  Michigan.  She  can  be  reached  at  ^:\|| 

mary.  brandel@comcast.  net. 
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CASE  STUDY >  1 

BEYOND  the  SUPERDOME 

Consolidation  paves  the  way  for  utility  computing. 

■  BELKIN  •  COMPTON,  CALIF. 


THE 


“Are  you  crazy?'  That  was  the  reaction  John  Adcock,  network  services 
manager,  got  when  he  told  the  vice  president  of  finance  that  he  planned  to  port  applica¬ 
tions  from  1 1  Sun  data  center  servers  to  one  64-processor  HP  9000  Superdome. 


After  all,  the  servers  were  running  a 
highly  customized  version  of  Oracle’s  Hi 
database  and  enterprise  applications.The 
consolidation  would  require  a  complete 
data  conversion,  including  241  patches, 
some  of  which  can  take  hours  to  apply 
And  this  wasn’t  the  only  IT  project  the 
fast-growing  interconnectivity  manufac¬ 
turer  had  going  on  at  the  time. 

But  there  was  a  method  to  Adcocks 
madness.  His  Sun  Solaris  6500  database 
server  not  only  needed  upgrading,  but  it 
,  also  had  crashed  six  to  eight  times  during 
its  two  years  in  service.  Adcock  wasn’t  so 
sure  he  wanted  to  stick  with  Sun,  but  he 
also  didn’t  want  a  mixed  environment. 
One  day,  while  researching  server  prices, 
the  Sun  server  crashed  for  the  last  time.“I 
realized  that  1  had  the  ammunition  to 
change  this,”  Adcock  says. 

That’s  when  the  serious  homework 
began.lt  took  two  months  to  assemble  the 
data  needed  to  compare  the  three-year 
costs  of  purchasing,  upgrading,  maintain¬ 
ing  and  supporting  several  Sun  servers  vs. 
purchasing  one  high-end  HP  server,  con¬ 
verting  the  data  and  training  his  staff  on 
HP-UX.  Other  considerations  included 


:loor  space,  power  consumption,  adminis- 
tion,  manageability,  labor  costs  and 
connectivity  costs. 

Consolidation  turned  out  to  be  the  less- 
expensive  option.  Even  so,  “I  had  two  to 
three  weeks  of  sleepless  nights  after  mak¬ 
ing  the  decision, "Adcock  says.  “It’s  one  of 
those  decisions  I  knew  would  make  or 
break  a  career.” 

The  consolidation  has  had  many  bene¬ 


fits,  including  a  move  toward  utility  com¬ 
puting.  For  instance,  Adcock  bought  a 
64-processor  Superdome,  but  only  paid 
for  48. The  unused  processors  are  priced 
at  “instant  capacity  on  demand”  prices 
and  can  be  “turned  on”  and  paid  for  as 
needed. 

Adcock  says  he  also  likes  the  enhanced 
fault-tolerance  capabilities  afforded  by 
partitioning.  “I  have  nine  instances  run¬ 
ning  on  the  Superdome;  technically  it 
functions  like  nine  separate  servers,”  he 
says.  As  a  result,  if  a  network  card  goes 
down  or  an  app  misbehaves,  none  of  the 
other  applications  are  affected.  If  a 
processor  fails,  an  auxiliary  processor 
kicks  in. 

But  as  Adcock  anticipated,  the  move 
wasn’t  easy  His  team  had  almost  finished 
when  it  got  word  that  it  had  one  month  to 
upgrade  its  Oracle  applications  to  support 
the  company  splitting  into  two  separate 
entities.  Even  though  this  entailed  halting 
and  then  starting  over  again  on  the  con¬ 
version,  it  actually  made  it  easier  because 
it  eliminated  the  need  to  transfer  patches 
from  the  old  version  of  the  application. 
“We  had  a  team  of  about  10  people  do  it 
in  a  week,”  Adcock  says. 

It  all  ended  well,  but  Adcock 
says  the  main  lesson  he 
learned  was  that  it’s  important 
to  know  all  the  major  projects 
planned  across  the  company 
for  the  next  six  months.  Other 
advice  he  offers: 

•  Create  a  detailed  infrastruc¬ 
ture  diagram  of  your  current  environ¬ 
ment. 

•  Be  sure  that  what  you’re  moving  to  will 
give  you  the  same  or  better  performance. 

•  Don’t  wait  to  be  up  and  running  to 
train  employees  on  the  new  environment. 

When  things  quiet  down,  Adcock  plans 
to  use  Superdome’s  Itanium  chip,  which 
can  run  Windows  and  Linux,  to  consoli¬ 
date  most  of  Belkin’s  Intel-based  servers. 


Previous  architecture; 

•  11  Sun  servers,  including  a  28-proces¬ 
sor  Solaris  6500,  six  4500s  and  four 
smaller  Solaris  servers. 

Consolidated  architecture: 

•  64-processor  HP  9000  Superdome 
running  HP-UX. 

•  EMC  DMX  SAN. 

Consolidated  applications: 

•  Oracle  1 1  i  database,  plus  Oracle 
manufacturing,  financials,  purchasing, 
human  resources  and  payroll  applica¬ 
tions. 

Main  reason  for  consolidation: 

•  When  Belkin  needed  to  upgrade  its 
Sun  Solaris  6500  server,  it  decided  to 
move  to  an  HP  platform,  but  it  didn't 
want  a  mixed  HP/Sun  environment.  This 
led  the  company  to  consolidate  on  HP. 

Benefits: 

•  250%  improvement  in  system 
performance. 

•  Superdome  requires  one-third  of  the 
floor  space  and  one-tenth  of  the  power 
of  the  previous  11  servers. 

•  Decrease  in  overall  cost  of  ownership, 
even  when  considering  education  and 
conversion  costs. 

•  Volume  management  software  sav¬ 
ings  of  $140,000  per  year.  The 
Superdome  has  built-in  volume  man¬ 
agement  software,  negating  the  need 
to  purchase  third-party  software. 

Lessons  learned: 

•  "You  have  to  know  your  environment 
inside  and  out  —  storage,  connectivity, 
switches,  available  storage,  storage  in 
use,  everything,"  says  John  Adcock, 
network  services  manager  at  Belkin. 
“You  should  also  get  a  definite  project 
plan  of  everything  planned  by  the  com¬ 
pany  for  the  next  six  months,”  he  sug¬ 
gests,  because  a  consolidation  will 
consume  a  lot  of  your  staff  resources. 
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wnen  man  ronton  proposed  to  the  executive  committee  that 
the  international  law  firm  should  consolidate  more  than  160  servers  in  1 1  offices, 


including  its  headquarters  in  Washington,  D.C.,  in  a  remote  facility,  the  clincher  was 
six  simple  words:“three  blocks  from  the  White  House.” 


At  the  time,  Howrey  had  160  Intel- 
based  servers  and  four  IBM  RS/ 
6000s,  three-quarters  of  which  were 
housed  in  the  basement  of  head¬ 
quarters.  When  the  office  closed, as  it 
did  after  the  Sept.  1 1  terrorist  attack 
on  the  Pentagon,  each  day  of  down¬ 
time  cost  the  company  $2  million  in 
lost  revenue.  When  he  joined  the 
firm  as  CIO  15  months  ago,  Conlon 
quickly  realized,  “it  was  not  a  safe 
place  for  servers  to  be.” 

Conlon  chose  a  site  50  miles  west 
of  Washington  for  Howrey’s  new 
data  center  location.  But  rather  than 
simply  relocate  all  those  Intel 
servers,  he  decided  instead  to 
refresh  the  aging  technology  and  at 
the  same  time  simplify  it.  He  took  the 
Microsoft  .Net  applications  running 
on  the  Intel  machines,  replaced 
many  of  them  with  their  Java  2 
Platform  Enterprise  Edition  counter¬ 
parts  and  implemented  a  new  con¬ 
solidated  platform  to  run  them  on: 
four  four-processor,  clustered  Sun 
V880  Sun  Fire  servers  running  an 
Oracle  database.  Storage  also  was 
consolidated  on  a  Sun  StorEdge 
9980  SAN.  Conlon  chose  BMC 
Software’s  Patrol  to  manage  the  envi¬ 
ronment. 

“A  lot  of  the  legal  applications  are 
.Net-based,”  he  says.  “But  time  and 
attendance,  our  collaboration  appli¬ 
cations  and  our  document  manage¬ 
ment  system  are  Java-based.” 


In  all,  he  cut  the  number  of  Intel 
servers  in  half.  Another  10  will  be 
retired  when  e-mail  is  moved  to  the 
Sun  cluster. 

Conlon  also  plans  to  retire  the 
RS/6000s  when  he  installs  a  new 
practice  management  system  on  the 
Sun  servers.  The  data  center  also 
houses  four  smaller  Sun  V880s,  and 
fourV20s  for  Web  servers  and  a  test¬ 
ing  and  development  platform. 

All  of  Howrey’s  10  offices  connect 
to  the  data  center  over  a  T-3  or  T-l 
WAN  and  a  diverse-carrier  Internet 
connection,  so  that  if  either  line 
goes  down,  data  is  rerouted  through 
the  other. 

Conlon  says  he  now  has  the  ability 
to  prioritize  which  applications  get 
more  processing  power,  based  on 
their  IP  address  on  the  network.  “All 
the  document  management  servers 
get  high  priority  on  the  WAN,  as  well 
as  on  the  servers,”  he  says. 

He  also  says  he  is  happy  with  the 
high-availability  capabilities  made 
possible  through  clustering.  How¬ 
ever,  he  admits  that  so  far,  the  data 
center  is  more  of  a  “secure  bunker” 
than  a  true  disaster-recovery  site 
because  he  does  not  yet  have  a  repli¬ 
cation  site  set  up.  “It  cost  $2  million 
just  to  get  the  first  data  center,” 
Conlon  says. 

An  unintended  benefit  of  the 
server  consolidation  has  been  the 
ability  to  turn  applications  into  rev- 
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enue  generators.  Its  large  litigation 
support  application  involves  tens  of 
millions  of  pages  of  images.  Now 
that  the  firm  can  carve  out  10T  bytes 
to  support  those  images  on  the  SAN, 
it  can  charge  clients  for  image  stor¬ 
age.  As  a  result, “this  particular  appli¬ 
cation  pays  for  itself,”  Conlon  says. 

The  same  is  true  for  several  other 
applications.  Because  its  document 
management  is  centralized  —  which 
Conlon  says  is  unusual  for  law  firms 
—  it  can  charge  internal  and  external 
counsels  for  the  ability  to  collaborate 
in  electronic  workrooms  and  share 
documents.  And  because  the  offices 
no  longer  need  to  support  document 
management,  this  centralization  also 
has  led  to  more  cost  savings,  at  least 
$200,000  per  office,  per  year. 


Previous  architecture: 

•160  Intel  servers  in  11  international 
offices. 


1  Sun  StorEdge  9980  SAN. 
>J2EE  infrastructure. 


•  Ability  to  create  new  sources  of  rev¬ 
enue  by  centralizing  applications. 


•  Four  IBM  RS/6000s  at  headquarters. 

•  .Net  infrastructure. 


Consolidation  applications: 

•  Document  management,  billing, 
imaging  and  collaboration  tools. 


•Savings  of  at  least  $200,000  per 
office,  per  year,  by  centralizing  docu¬ 
ment  management. 


Consolidated  architecture: 

•80  Intel  servers,  soon  to  be  70. 


•  Four  four- processor,  clustered  Sun 
V880  Sun  Fire  servers  running  Oracle. 
(The  RS/6000s  will  be  retired  when  the 
company  moves  to  a  new  accounting 
system.) 


Main  reason  for  consolidation: 

•  Howrey  wanted  to  relocate  its  data 
center  to  outside  of  Washington,  D.C., 
for  better  disaster  recovery  and 
availability. 


•  Four  Sun  Enterprise  220Rs  for  Web 
serving,  testing/development. 


Benefits: 

•  Elimination  of  data  center  downtime. 
(One  day  of  downtime  equals  $2  mil¬ 
lion  in  revenue.) 


Lessons  learned: 

•  As  part  of  its  consolidation  effort, 
Howrey  also  centralized  its  storage 
with  a  SAN.  However,  “a  SAN  is  not 
something  you  plug  in  and  walk  away 
from,”  says  Brian  Conlon,  CIO  at 
Howrey.  He  is  looking  for  a  managed 
service  provider  but  is  discovering  this 
type  of  expertise  hard  to  find. 
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UPGRADE 
DRIVES  consolidation 


Hospitals  turn  to  sewer  par¬ 
titioning  and  clustering  to 
reduce  maintenance  costs. 


■  OAKWOOD  HEALTHCARE  SYSTEM 
«  DEARBORN,  MICH. 


Oakwood  Healthcare 


System  had  the  classic  recipe  for  a  server  consol¬ 
idation:  Technology  costs  were  rising  as  applica¬ 
tions  and  IT  initiatives  grew,  server  volume  was 
becoming  cumbersome  to  manage,  data  center 
space  was  at  a  premium,  and  the  workload  was 
dramatically  increasing. 

So  when  its  5-year-old  BeopleSoft  financials  and 
human  resources  system  needed  to  be  upgraded, 
the  regional  healthcare  organization  took  the 
opportunity  to  transition  from  aging  IBM  RS/6000s 
to  new  IBM  eServer  pSeries  servers. 

“We’ve  proven  we  can  work  with  fewer  physical 
platforms  and  handle  them  with  fewer  people,” 
says  Brian  Bsrlstein,  lead  systems  architect  in  the 
design  and  infrastructure  group  at  Oakwood,  a 
network  of  four  hospitals,  15  healthcare  centers, 
two  skilled  nursing  centers  and  numerous  health¬ 
care  facilities  in  southeast  Michigan. 

See  PeopleSoft,  page  48 
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Keep  one  eye  on  performance 
and  the  other  on  your  budget. 


AMD£t 


Introducing  the  new  HP  ProLiant  DL145  server  featuring  the  performance-boosting  AMD  Opterorf  processor. 

You  can  now  unleash  greater  server  performance  even  as  you  rein  in  spending.  Our  new  HP  ProLiant  DL145  server  turns  up  the  dial  on  32-bit  performance, 
owing  to  the  lightning-quick  memory  access  of  the  AMD  Opteron  processors.  Setup  is  simple.  And  based  on  industry  standards,  the  DL145  is  exceedingly 
flexible  and  scalable  to  fit  seamlessly  into  your  network,  now  and  many  quarters  down  the  road.  When  you  need  technology  solutions  that  work  harder 
within  your  budget,  demand  more  affordability  and  more  performance,  from  HP. 


HP  ProLiant  DL145 
SERVER 

$1,599 

1  xl.60GHz  AMD  Opteron  processor 
expandable  to  2  x  2.20GHz 
1GB  PC2700  DDR  SDRAM  expandable 
to  16GB 

Integrated  dual  port  10/100/1000  NICs 
1  40GB  ATA  hard  disk  drive 
1  PCI-X  64-bit/133MHz  slot 
1-Year  Limited  Global  Warranty 


invent 


To  learn  more  about  how  the  HP  ProLiant  DL145  can  give  you  an  affordable 
performance  boost,  go  to  www.hp.com/go/ProLiantAMD5  or  call  1-877-726-8112. 
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Prices  shown  are  HP  direct  prices;  reseller  and  retail  prices  may  vary.  Pnces  shown  are  subject  to  change  and  do  not  include  applicable  state  and  local  taxes  or  shipping  to  recipient  s  address.  For  hard  drives,  GB=billion  bytes.  Certain  warranty  restrictions  and  exclusion,  r."  , 
For  complete  warranty  details,  call  1-800-345-1518  (U.S.).  All  featured  offers  available  in  U.S.  only.  AMD,  the  AMD  Arrow  Logo.  AMD  Opteron  and  combinations  thereof  are  trademarks  of  Advanced  Micro  Devices,  Inc  ©2004  Hewlett -Packard  Development  Company,  L  P 
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Of  the  four  servers,  two  have  eight  CPUs, 
one  has  four,  and  one  has  16.  Perlstein 
plans  to  add  two  more  eight-processor 
pSeries  servers  to  consolidate  another 
five  RS/6000  servers.  All  are  connected  to 
two  IBM  TotalStorage  Enterprise  Storage 
Servers. 

By  reducing  its  server  count,  Oakwood 
has  reduced  its  ratio  of  technical  staff  to 
servers  from  17-to-l  to  13-to-l.(That  figure 
also  includes  Windows  servers.)  And 
because  of  the  reduced  labor  require¬ 
ment,  the  staff  has  been  freed  to  learn 
about  automated  monitoring  tools,  which 
has  further  reduced  IT  costs.“We’re  taking 
the  skill  set  of  scripting  to  automate  sys¬ 
tem  administration  tasks  so  we  can  man¬ 
age  more  systems  than  in  the  past,” 
Perlstein  says. “Consolidation  has  assisted 
in  that  automation  because  it  opens  up  a 
window  of  time.” 

The  four  pSeries  servers  are  divided  into 
10  logical  partitions  (LPAR),and  therein, 
Perlstein  says,  lies  the  magic.  Through 
LPAR,  the  applications  appear  to  be  run¬ 
ning  on  their  own  physically  separate 
pieces  of  hardware  even  though  they’re 
sharing  physical  components  with  anoth¬ 
er  application. “If  I  have  four  CPUS,  I  can 
split  them  off  into  four  different  LPARs  — 


but  the  only  thing  that’s  really  separate  is 
the  I/O  cards  and  the  disk,”  Perlstein  says. 
This  saves  physical  space  and  the  cost  of 
running  two  separate  pieces  of  equip¬ 
ment. 

The  only  disadvantage  has  been  edu¬ 
cating  some  of  the  medical  application 
vendors  that  require  their  applications  to 
be  run  on  separate  equipment. “We  built 
an  LPAR  test  box  and  let  them  dial  in  to 
see  if  they  saw  problems  with  extraneous 
overhead,”  Perlstein  says.  As  it  turned  out, 
the  vendors  couldn’t  tell  the  difference. 

Perlstein  warns  that  maintenance 
scheduling  gets  tricky  when  you’re  run¬ 
ning  multiple  applications  on  one  box. 
“The  complexity  comes  with  a  full-system 
microcode  upgrade  or  something  that’s 
going  to  affect  all  LPARs  across  the 
board,”  he  says.  “It’s  one  of  the  risks  you 
take  when  you  do  consolidation.” 

Perlstein  has  prepared  for  the  more  rou¬ 
tine  maintenance  tasks  by  using  cluster¬ 
ing,  which  lets  applications  fail  over  to 
another  set  of  processors  when  they  need 
to  be  upgraded.This  not  only  reduces  the 
amount  of  application  downtime,  but  it 
also  opens  up  a  larger  maintenance  win¬ 
dow  for  the  IT  staff.  Clustering  is  less 
expensive  with  consolidated  servers 
because  with  LPARs,  the  application  does 
not  need  to  fail  over  to  a  separate  box  — 
you  can  accomplish  it  within  one  server. 
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OAKWOOD  HEALTHCARE  SYSTEM 


Previous  architecture: 

•  25  RS/6000  servers 


system. 


tern  by  at  least  20%. 


Consolidated  architecture: 

•  15  IBM  eServer  pSeries 
servers  of  which  four,  total¬ 
ing  36  CPUs,  use  logical  par¬ 
titioning.  Oakwood  plans  to 
add  two  more  pSeries 
servers  with  16  CPUs  to 
consolidate  five  more 


Main  reason  for 
consolidation: 

•  With  staff  constraints, 
Oakwood  needed  to  reduce 
the  labor  required  to  man¬ 
age  servers.  It  was  also 
maxing  out  real  estate  in  the 
data  center  and  wanted  to 
decrease  the  cost  of  IT. 


•  Decrease  in  payroll  pro¬ 
cessing  time  from  three 
days  to  two. 


•  Went  from  17  to  13.5 
servers  per  technician. 


servers. 


•  Two  IBM  TotalStorage 
Enterprise  Storage  Servers 


Benefits: 

•  Up  to  15%  annual  reduc¬ 
tion  in  technology  costs. 


•  Two  Cisco  9509  SAN 
Directors. 


Consolidated  applications: 

•  PeopleSoft  HR  MS  and 
financial  management 


•  Up  to  20%  increase  in 
application  upgrades  and 
runtime. 


•  Reduced  month-end  pro¬ 
cessing  on  the  financial  sys- 


Lessons  learned: 

•  “We’ve  gotten  a  lot  more 
organized  with  the  questions 
we  ask  our  application  ven¬ 
dors,”  says  Brian  Perlstein, 
lead  systems  architect  in 
the  design  and  infrastruc¬ 
ture  group  at  Oakwood.  “We 
tell  them  upfront,  this  is 
what  we're  doing  with  clus¬ 
tering  and  consolidation  — 
will  you  support  it?" 


All  of  this  is  very  important  to  Oakwood, 
which  is  attempting  to  increase  system 
availability  20%  this  year,  from  five-nines 
to  seven-nines.  “Healthcare  systems  are 
becoming  more  critical,  and  everything 
has  to  be  highly  available,” says  Ken  Garn¬ 
er,  manager  of  client/server  at  Oakwood. 

Oakwood  has  seen  so  many  benefits 
from  consolidating  its  Unix  servers  that  it 
is  shifting  its  consolidation  focus  to  the 
Windows  NT  side  of  the  house.  “Because 
Microsoft  is  such  a  target  of  viruses  and 


hacker  attacks,  we  spend  more  time  on 
the  maintenance  side  and  need  more 
people  to  monitor  those  servers,”  Garner 
says. 

All  told,  consolidation  has  become  an 
intrinsic  part  of  Oakwood’s  IT  culture. 
Before  doing  business  with  any  applica¬ 
tion  vendor,  for  instance,  Perlstein  and 
Garner  tell  them  upfront  that  their  envi¬ 
ronment  involves  clustering  and  consoli¬ 
dation.  “We  ask  them,  ‘Will  you  support 
this,  and  if  not,  why?”’ Perlstein  says. 


The  BIG  BOX  theory  mc  smr  4 

Hospital  ports  apps  to  32-processor  Unisys  sewer 


TRUMAN  MEDICAL  CENTERS  •  KANSAS  CITY,  MO. 


The  word  ‘ 'explosion  ’  is  never  good 

when  you’re  in  an  IT  environment.  But  that’s  how  Rob 
Jones  describes  the  growth  of  two-processor  Intel  servers 
at  his  company, Truman  Medical  Centers,  as  he  continu¬ 
ally  added  new  applications  over  the  past  few  years. 

“We  were  seeing  the  number  of  servers  per  technician 
rising, and  we  needed  to  get  above  that  curve, ’’says  Jones, 
director  of  IT  at  Truman  in  Kansas  City  Mo. 

Jones  knew  he  was  outgrowing  his  one-or-two-applica- 
tion-per-server  environment,  where  each  new  server 
meant  one  more  box  to  maintain, patch, back  up,  network 
and  pay  maintenance  on. So  even  though  the  cost  of  a  32- 
processor  ES7000  server  from  Unisys  was 
not  exactly  inexpensive,  Jones  knew  it 
would  consume  fewer  internal  resources 
and  also  provide  flexibility  he  couldn’t  get 
on  his  stand-alone  Windows  systems. 

“Supporting  a  two-processor  box  is  just  as 
hard  as  supporting  a  four-  or  eight-  or  32- 
processor  box,  so  it  frees  up  time,  plus 
availability  is  higher  on  the  [ES7000],”he 
says.  Jones  also  wanted  the  ability  to 
rearrange  the  server’s  RAM, hard  drives  and 
network  segments,  and  reallocate  proces¬ 
sors  according  to  his  application  needs. 

Jones  achieved  those  goals  by  imple¬ 
menting  the  Unisys  box  running  Windows 
Server  2093  DataCenter  Edition.  The  first 
application  to  move  onto  a  partition  on 


the  Unisys  box  was 
Exchange  2003,  which 
knocked  out  five  Windows 
servers.  Next  to  move  was  a 
cluster  of  nine  file-sharing 
servers  containing  personal 
directories.  Jones  also  cen¬ 
tralized  storage  on  an  EMC  SAN  connected  to  a 
StorageTek  automated  library, which  got  rid  of  nine  direct- 
attached  storage  servers. 

The  next  step,  Jones  says,  is  to  move  Truman’s  custom 
version  of  SQL  Server  and  the  Microsoft  Sharepoint  doc¬ 
ument  library 

Jones  says  he  is  very  happy  with  the  ES7000’s  ability  to 
dedicate  processors  to  applications,  and  he  likes  doing 
this  at  the  machine  level  rather  than  setting  up  virtual 
machines.  He  can  set  up  one  hardware  partition  on  the 
entire  machine  or  break  it  down  into  several.  Right  now, 
there  are  two  eight-way  and  two  four-way  partitions.“They 
all  share  one  set  of  RAM, and  1  can  move  processors  from 
one  partition  to  another  for  flexibility/’  he  says. 
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Previous  architecture: 

•  10  two-processor  Intel- 
based  servers. 


Five  Exchange  servers. 


Consolidated  applications: 

•  Exchange  2003,  file-shar¬ 
ing,  Microsoft  Sharepoint, 
SQL  Server. 


•  Nine  direct-attached 
storage  servers. 


Consolidated  architecture: 

•  One  32-processor  Unisys 
ES7000  server  running 
Windows  Server  2003 
DataCenter  Edition. 


•  EMC  SAN  and 
StorageTek  automated 
library. 


Main  reason  for 
consolidation: 

•Truman  Medical  could 
not  manage  its  fast-grow¬ 
ing  computing  environment 
if  it  continued  using  multi¬ 
ple  servers.  It  needed  to 
decrease  the  time  and 
effort  of  server  mainte¬ 
nance,  and  it  wanted  the 
flexibility  of  a  larger  multi¬ 
processor  box. 


Benefits: 

•  Despite  continuing  appli¬ 
cation  growth,  Truman  has 
maintained  a  15-to-1  ratio 
of  servers  to  technicians 
vs.  13-to-1  in  the  past. 

Lessons  learned: 

•  “You  have  to  be  careful 
about  which  applications 
you  can  consolidate," 
says  Rob  Jones,  director 
of  IT  at  Truman.  "You  need 
to  do  a  lot  of  analysis  on 
the  front  end  and  after¬ 
wards  to  see  if  it  really 
works  or  not.” 


Working  with  virtual  servers,  he  says,  would  have  been 
too  complex.“I  have  people  trained  on  Windows,  and  if  I 
had  said, ‘You  have  to  learn  VMWare,’ that’s  one  more  layer 
they  would  have  had  to  learn,”  he  says. 

Things  will  get  a  little  more  complicated  when  Jones 
begins  porting  Truman’s  multiple  flavors  of  SQL  Server  to 
the  ES7000.“You  have  to  be  really  careful  about  which 
applications  you  can  consolidate,”  he  says.  “SQL  is  the 
toughest  one  because  you  have  to  look  at  which  data¬ 
bases  can  really  be  together  in  one  particular  box.” 
Already  Jones  knows  he’ll  need  to  maintain  several  sepa¬ 
rate  servers  for  particular  instances  of  SQL  Server  that 
need  to  be  stand-alone. 

Applications  that  are  FDA-certified  also  cannot  move  to 
the  Unisys  platform  because  they  aren’t  certified  to  run 
on  the  Microsoft  Data  Center  operating  system.Still,  Jones 
says  he  plans  to  consolidate  as  much  as  possible. 

Another  benefit  to  the  server  consolidation  was  the 
ability  to  create  a  more  robust  storage  environment. 
Rather  than  direct-attached  storage  that  was  becoming 
unmanageable  with  Truman’s  rapid  growth,  the  ES7000  is 
connected  via  Brocade  Communications 
Fibre  Channel  switches  to  the  EMC  SAN, 
which  is  connected  to  the  StorageTek  auto¬ 
mated  tape  library  via  Brocade  switches. 

Jones  warns  other  companies  that  want 
to  consolidate  servers  that  it’s  crucial  to 
plan  how  to  handle  maintenance  in  the 
new  environment.  For  instance,  he  says,  it 
will  be  easier  now  to  do  things  such  as 
install  patches  to  Exchange  because  it’s 
just  on  one  server,  not  10.  However,  the 
downtime  will  affect  not  just  one-tenth  of 
Exchange  users  but  all  of  them.  “You  have 
to  be  careful  as  far  as  what  you  can  con¬ 
solidate,  and  once  you  do,  how  are  you 
going  to  arrange  your  maintenance  win¬ 
dows?”  he  says.  ■ 


ADVERTISEMENT 


Linking  Network  Management 
and  Business  Success 

Lucent  Technologies  VitalSuite®  software  syncs  up  business  and  IT  goals 
by  delivering  dramatic  improvements  in  IT  and  end  user  productivity. 


IDC  finds  VitalSuite®  software 
delivers  cost  savings,  rapid  ROI 


Average  Three- 


Year  Savings 

Increased  user  productivity 

$10,303,465 

Increased  IT  staff  productivity 

$9,167,166 

Increased  IT  staff  efficiency 

$1,623,121 

Other  benefits* 

$345,844 

Total 

$21,439,596 

ROI 

719% 

Payback 

133  days 

*lndudes  recaptured  revenue  and  savings  from  reduced 
capital  and  IT  travel  expenditures,  virus  avoidance  and  lower 
outsourcing  costs. 

SOURCE:  IOC  customer  interviews,  2004 


“When  we  purchased 
the  product,  we  had 
two  people  handling 
500  devices.  Now  we 
can  handle  5,000 
devices  with  only 
four  people.” 

VitalSuite®  software  customer 


More  than  ever,  enterprises  understand 
that  IT  infrastructure  must  be  aligned  with 
critical  business  processes  to  ensure  corpo¬ 
rate  success.  IT  and  telecommunications  ana¬ 
lyst  firm  IDC  has  confirmed  that  Lucent 
Technologies  VitalSuite®  Performance 
Management  Software  portfolio  helps 
enterprises  achieve  success  by  improving  the 
management  of  key  IT  resources  as  well  as 
the  productivity  of  IT  staff  and  end  users. 

The  award-winning,  industry-leading 
VitalSuite®  portfolio  is  a  set  of  four  modular 
software  components  that  monitor  network 
and  application  performance,  analyze  and 
map  network  events  in  real  time,  quickly  gen¬ 
erate  detailed  reports  about  network  behav¬ 
ior  and  measure  performance  from  the  end 
user's  perspective.  Collectively,  these  modules 
provide  visibility  into  and  control  over  the 
”  entire  infrastructure  from  a  central  location, 
enabling  IT  to  discover  and  address  network 
performance  issues  before  they  affect  application 
delivery  —  and  business  results. 

Smaller  staff,  bigger  ROI 

From  its  interviews  with  enterprises  that  employ 
VitalSuite®  software,  IDC  found  the  product  provides 
savings  in  many  tangible  ways,  including  increased  user 
productivity  resulting  from  improved  network  and 
application  availability.  IDC  determined  that,  on  aver¬ 
age,  network  management  processes  required  30%  less 
IT  staff  time  after  VitalSuite®  software  was  deployed. 
The  study  also  concluded  that  the  software  enabled  cus¬ 
tomers  to  reduce  IT  staff  by  12%  over  three  years. 

Taken  together,  the  average  savings  for  all 
VitalSuite®  software  customers  interviewed  by  IDC 
was  $58,155  per  100  users.  That  translates  into  a 
return  on  investment  (ROI)  of  719%  and  an  average 
payback  period  of  just  133  days. 

IDC  found  that  VitalSuite®  software  can  help  cus¬ 
tomers  deal  with  the  increasing  pressure  to  inte¬ 
grate  new  technologies  into  their  environments, 
including  Voice  over  IP  (VoIP),  wireless  devices,  Web 
services  and  even  new  hardware  formats  such  as 
blade  servers.  The  Lucent  software  also  helps  enter¬ 
prises  meet  quality  of  service  demands  that  relate 
directly  to  service  quality  and  business  value. 

Actual  customers,  impressive  results 

One  of  the  companies  IDC  interviewed  installed 
VitalSuite®  software  following  a  corporate  merger. 


The  two  companies  used  different  performance 
management  tool  sets,  but  the  merged  entity  decid¬ 
ed  to  replace  both  products  with  Lucent's  network 
management  software.  "VitalSuite®  gave  us  more 
information  on  capacity  and  traffic  by  protocol, 
which  we  thought  was  vital,  and  a  greater  range  and 
flexibility  of  reports,  which  could  be  made  specific  to 
departments  like  marketing  or  shipping,"  the  cus¬ 
tomer  told  IDC. 

Another  customer  was  enthusiastic  about  the  sys¬ 
tem's  reporting  tool.  "Before,  you  might  have  to 
wait  two  weeks  for  an  administrator  to  create  a 
report  for  you.  Now,  you  can  make  your  own  reports 
in  10  minutes,"  the  customer  said. 
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Lucent  Technologies 
award-winning 
VitalSuite®  software 


Download  an  IDC  white  paper  detailing  the 
findings  from  its  interviews  with  VitalSuite® 
software  customers. 

Go  to:  www.nwfusion.com/lucentA/italSuite 


Yet  another  customer  spoke  of  the  tremendous  IT 
productivity  gains  VitalSuite®  software  provides. 
"When  we  purchased  the  product,  we  had  two  peo¬ 
ple  handling  500  devices.  Now  we  can  handle  5,000 
devices  with  only  four  people." 

Perhaps  more  importantly,  IDC  found  that  48%  of 
the  total  savings  customers  gained  from  VitalSuite® 
software  came  in  the  form  of  increased  end  user  pro¬ 
ductivity,  an  average  of  more  than  $3.4  million  per 
year.  That's  the  kind  of  figure  that  speaks  to  a  truly 
sound  alignment  of  IT  and  business  goals. 
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Impenetrable  network 


Deep  Inspection  Firewall  i  IPSec  and  SSL  VPN  Intrusion  Detection  and  Prevention 


Antivirus 


Central  Management 


TEST 


Inkra  Networks’ 
1518TX  Virtual  Service 

Switch 


The  devil’s  in  the  details  of  this 
virtual  security  switch 

Im  BY  JOEL  SNYDER,  NETWORK  WORLD  LAB  ALLIANCE 

nkra  Networks  has  taken  on  the  enormous  task  of  virtualizing  security  opera¬ 
tions  for  the  data  center  with  its  high-performance  security  switch.  And  while 
our  tests  found  the  product  to  be  well  architected  overall,  weak  firewall,  intru¬ 
sion-prevention  system  and  VPN  applications,  and  poor  management  control  mar 
the  existing  version  of  this  product. 


In  short,  Inkra  has  a  solid  vision  for  this 
product,  but  the  switch  needs  more  engi¬ 
neering  efforts  to  live  up  to  its  potential. 

The  Inkra  1518TX  Virtual  Service  Switch 
we  tested  —  running  Version  2.1  of 
Inkra’s  embedded  operating  system, 
which  has  been  shipping  since  February 
—  is  an  18-port  (16  10/100  ports  and  two 
gigabit  interface  card  ports),  2U  device 
that  can  simulate  as  many  as  125  racks  of 
security  appliances.  Using  Inkra’s  terms,  a 
rack  is  an  arbitrary  collection  of  security 
applications,  mixed  as  needed. 

With  either  a  command-line  interface 
or  GUI,  you  stack  the  applications  to¬ 
gether  and  attach  the  stack  to  one  or 
more  of  the  physical  interfaces  on  the 
Inkra  device.  As  an  easy  starting  point,  we 
defined  a  rack  with  a  firewall  and  an  IPS 
appliance,  and  attached  it  to  two  virtual 
LANs  on  the  same  physical  port,  replac- 


^  Results 


OVERALL  RATING 

Inkra  1518TX  It! 


Company:  Inkra  Networks,  www.inkra.com 
Cost:  Unit  with  five  virtual  racks:  $27,000; 
full  configuration  including  all  service 
modules  and  125  virtual  racks:  $80,000.  Pros: 
Virtualization  technology  provides 
deployment  flexibility;  many  applications 
are  available.  Cons:  Bugs  in  security  and 
management  applications;  security 
applications  offer  limited  features;  mediocre 
performance  in  our  tests. 


The  breakdown 


Range  of  applications  offered  20% 
Application  quality  20% 


Management  features  20%  3 


Performance  20% 


Flexibility  and  configurability  15% 


Documentation  5% 


TOTAL  SCORE 


2 

3.3 


Scoring  Key:  5:  Exceptional:  4:  Very  good:  3: 
Average;  2:  Below  average;  1:  Consistently 
subpar 


ing  our  existing  VLAN-enabled  firewall. 
With  Inkra’s  virtualization  architecture, 
you  can  build  as  many  racks  as  you  can 
afford  (appliances  are  licensed  on  a  per- 
rack  basis),  using  either  physical  ports  or 
VLANs  to  move  them  in  and  out  of  the 
Inkra  multi-gigabit  backplane. 

After  spending  some  time  building 
racks,  we  uncovered  the  strengths  and 
weaknesses  of  Inkra’s  approach.  Unlike 
firewall  vendors  such  as  NetScreen  Tech¬ 
nologies  and  Cosine  that  have  attempted 
to  build  virtual  firewalls,  Inkra  has  taken 
on  every  security  application  in  the  busi¬ 
ness,  re-creating  the  engineering  work 
needed  for  these  products. 

In  all,  Inkra  has  built  firewall,  global 
server  load  balancer,  local  server  load 
balancer,  intrusion  prevention,  Secure 
Sockets  Layer  accelerator, VPN  and  Web 
accelerator  modules. 

Choice  is  great,  but  having  so  many 
modules  with  different  functions  means 
that  Inkra  has  single-handedly  taken  on 
not  only  the  creation  of  its  own  virtual¬ 
ization  technology  but  also  every  major 
market  segment  in  the  network  security 
and  server  management  space.  If  you 
believe  in  “best  of  breed”  purchasing,  this 
approach  won’t  be  attractive  to  you. 

We  found  rather  quickly  that  Inkra  can’t 
hope  to  match  the  market  leaders  with 
this  version  of  its  software.  In  Inkra’s  quest 
to  create  so  many  security  modules,  it 
has  cut  corners  in  terms  of  features,  man¬ 
agement  and  quality-assurance  testing. 

The  intrusion-prevention  module  threw 
false-positives  because  it  misinterpreted 
packets  during  our  tests.  Inkra  has  issued 
a  patch  for  this  bug  since  we  tested. The 
VPN  module  had  severe  performance 
issues,  limiting  total  throughput  to  a  few 
megabits  per  second.  Also,  the  stateful 
packet-filtering  firewall  only  includes 
four  application-layer  gateways,  whereas 
most  enterprise  firewalls  have  10  or 
more.  Plus,  the  management  system  had 
memory  leaks  that  forced  us  to  reboot 
the  management  server  on  multiple 
occasions. 

Inkra  engineers  clearly  have  thought 


hard  about  how  to  manage  multiple 
security  elements  and  built  an  excellent 
model  for  network-wide  management  of 
many  devices  with  the  optional  Center 
Point  management  system.  A  virtualiza¬ 
tion  requirement  is  delegated  manage¬ 
ment,  which  Center  Point  covers  well. 
When  we  went  through  Inkra’s  scripted 
demonstrations,  everything  worked  pretty 
well.  But  when  setting  out  on  our  own  to 
test  the  product  more  rigorously  we  ran 
into  more  rough  edges.  Although  Inkra 
provided  a  2.4-GHz  system  with  2G  bytes 
of  RAM  to  use  as  the  management  server, 
we  found  management  to  be  slow,  with 
some  screen  changes  taking  as  long  as 
20  or  30  seconds.  When  we  were  uncov¬ 
ering  another  management  bug  (which 
Inkra  has  issued  a  patch  for),  we  found 
issues  with  the  debugging  tools.  We 
couldn’t  use  these  tools  to  find  the 
answers  to  simple  questions,  such  as 
“How  many  packets  are  moving  from  this 
module  to  the  next?” 

One  kudo  we  can  give  Inkra  on  its  man¬ 
agement  application  is  that  it  has  a 
built-in  simple  protocol  analyzer  capabil¬ 
ity,  a  great  idea  for  a  system  without  any 
other  way  to  monitor  traffic. 

Testing  performance 

Inkra  advertises  a  1G  bit/sec  through¬ 
put  on  the  1518TX,and  we  found  that  to 
be  quite  optimistic.  (See  “How  we  did  it,” 
www.nwfusion.com,  DocFinder:  1425.) 
Performance  varied  wildly  depending  on 
the  choice  of  modules  within  the  rack.  In 
the  worst  case,  we  discovered  that  a  com¬ 
bination  of  VPN,  firewall  and  intrusion- 
prevention  modules  limited  total 
throughput  of  the  system  to  15.160K  bit/ 
sec  (about  210  transactions/second). 
Inkra  confirmed  that  its  VPN  perfor¬ 
mance  is  the  bottleneck  here  and  sug¬ 
gested  that  it  intended  for  the  VPN  mod¬ 
ule  to  be  used  for  remote  access  and 
management  purposes  and  not  as  a  site- 
to-site  connection  tool. 

Additionally,  the  firewall  module  was 
severely  constrained  by  HTTP  session  es¬ 
tablishment  rates  to  about  1,900  sessions 


per  second,  whether  using  short  (IK) 
transactions  (throughput  of  55M  bit/sec) 
or  long  (32K)  transactions  (throughput 
of  396M  bit/sec). 

When  we  added  the  intrusion-preven¬ 
tion  module,  transaction  rates  dropped 
even  further  to  between  15M  and  38M 
bit/sec. 

Inkra  faces  an  uphill  battle  with  this 
product  —  even  after  it  works  out  the 
kinks  in  what  officials  say  will  be  an 
enhanced  quality-assurance  process  for 
its  next  release.  As  firewall  vendors 
stretch  their  own  products  with  built-in 
VPN  and  IPS  feature  sets,  Inkra  will  be 
hard-pressed  to  keep  up.  Instead,  the  vir¬ 
tualization  technology  will  fit  better  into 
a  data  center  and  service  provider  envi¬ 
ronment  where  requirements  on  fire¬ 
walls  are  more  modest,  and  feature  sets, 
such  as  virus  scanning,  HTTP  header  fil¬ 
tering,  and  policy-based  access  controls, 
are  not  called  for. 

As  a  singlecustomer,  entry-level  prod¬ 
uct,  the  1518TX  has  little  cost  advantage 
over  the  horde  of  line-speed  firewall, VPN 
and  IPS  products  on  the  market.  How¬ 
ever, when  stretched  to  its  limits,  with  fully 
delegated  management  across  125  or 
more  customers,  the  percustomer  price 
drops  to  a  very  attractive  $640.  With  that 
economy  of  scale,  Inkra  might  have  its 
best  chance  of  success  in  the  service  pro¬ 
vider  market. 

Snyder  is  a  senior  partner  at  Opus  One 
in  Tucson ,  Ariz.  He  can  be  reached  at 
joel.  snyder@opus  1 .  com. 
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over  IP  is  like  being  there. 


Raritan's  Dominion™  KX.  Better  KVM  Over  IP. 
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Cape  Town 
Sydney 


Now  you  can  be  everywhere  you  need  to  be.  Instantly.  Because  now  you  can  access,  diagnose  and  monitor  servers  -  even  the  worst 

server  problems  -  in  any  location  in  the  world  without  ever  leaving  your  chair.  With  Raritan's  19  years  of  innovation  in  the  Data 

* 

Center,  you  now  have  the  newest  and  most  dependable  choice  for  an  integrated  KVM  over  IP  switch:  Dominion  KX.  It's  a  plug-and- 
play  appliance.  It's  incredibly  scalable.  It  works  even  when  your  network  is  down.  And  by  encrypting  all  KVM  data,  including  video, 
KX  provides  the  industry's  most  secure  KVM  over  IP  technology.  It's  the  KVM  option  that  will  make  other  options  obsolete. 


To  schedule  a  test  drive,  call  1-800-724-8090  x925  or  visit  us  at  www.raritan.com/925 
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The  KX  Digital  KVM  Switch 
is  one  part  of 

RARITAN'S  DOMINION  SERIES 

The  complete  Data  Center 
Management  Solution 


Raritan 


When  you're  ready  to  take  control. 


www.nwfusion.com 
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Securing  mobile  assets 

Policies  are  key  in  procuring  and  tracking  wireless  devices  throughout  your  company. 


j  NetworkWorld 


■  BY  DENISE  PAPPALARDO 

Dashing  to  make  a  connecting  flight,  your  company’s  star  salesman  just  lost  his  new  Treo 
Communicator  at  the  airport.The  combination  phone/PDA  was  loaded  with  customer  data 
and  details  about  a  new  product  the  firm  is  preparing  to  launch.  If  the  device  falls  into  the 
wrong  hands,  priceless  intellectual  property  could  be  gone  in  an  instant. 


Setting  clear  guidelines  on  how  employees 
acquire,  use  and  return  their  wireless  devices  is 
critical  to  protect  your  company’s  assets. 

Ramolo  Pallini,  director  of  networks,  Internet 
technologies  and  telecom  at  worldwide  sys¬ 
tems  integrator  Getronics  in  Boston,  has  done 
just  that.  Establishing  policies  for  procurement 
of  wireless  devices  and  services  let  him  get  a 
handle  on  Getronics’  3,700  U.S.  wireless  users, 
which  includes  2,200  mobile  phones,  1,100 
wireless  pagers  and  400  wireless  data  cards. 

Employees  previously  bought  their  own 
mobile  devices  and  services  and  filed  expense 
reports  for  reimbursement.  Two  years  ago,  the 
firm  centralized  control  by  deploying  Traq 
Wireless’  Mobile  Resource  Management  ser¬ 
vices.  The  Traq  service  lets  Pallini  keep  a  close 
eye  on  employee  use  and  rate  plans,  and  track 
devices  with  Traq’s  Asset  Manager  module. 

Before  reaping  the  benefits  of  Traq’s  services, 

Getronics  established  specific  guidelines  for 
procurement  and  usage  of  wireless  devices. 

Pallini’s  group  created  a  form  for  the  corporate 
intranet  that  each  employee  who  wants  wire¬ 
less  service  must  fill  out. 

Users  must  answer  questions  about  what 
cities  and  countries  they  travel  to  and  how 
often. They  also  must  specify  if  they  want  push- 
to-talk,  wireless  data  or  other  features.  Once  a 
manager  approves  a  user’s  request,  Pallini’s 
team  finds  the  most  appropriate  device, service 
and  rate  plan. 

“It’s  almost  impossible  to  find  a  single  provider  to  give 
you  all  the  features  and  coverage  you  need,”  Pallini  says. 
Getronics  uses  AT&T  Wireless,  Nextel,  Sprint  PCS,T-Mobile 
and  Verizon  Wireless  for  wireless  voice;  SkyTel  and  Arch 
Wireless  for  paging  service;  and  almost  exclusively  uses 
Sprint  PCS  for  mobile  wireless  data  needs. 

An  employee’s  travel  patterns  help  determine  whether 
he  should  get  a  tri-band  phone  that  would  let  him  roam 
not  only  throughout  the  U.S.over  Code  Division  Multiple 
Access  and  GSM  networks,  but  also  throughout  Europe 
or  Asia.  If  the  user  only  travels  to  Europe  once  a  year,  it 
might  not  be  worthwhile  to  buy  the  more  expensive 
phone  that  would  also  support  European  GSM  services, 


Tracking  handsets 


Traq  Wireless'  Asset  Manager  allows  companies  to  keep  better 
track  of  their  wireless  devices. 


Home  Organize 


Optimize  Summarize 


Traq  customers  find 
the  Asset  Manager 
module  under  the 
Analyze  tab.  They  can 
begin  their  search 
from  this  page  by 
device  type,  depart¬ 
ment  or  username. 


Support  >  Logout 
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Or  an  IT  manager  can  easily  access  a  full  list  of  all  employees  using 
wireless  service,  by  service  type,  device  or  calling  plan. 


Service/Typ«  Make  &  Model  Service  No./Carrier  Plan  Name 


5125559871 

NEX 


5125559871 


Nextel  National  Free  Incoming  Plus  400 


Nextel  National  Free  Incoming  Plus  400 


Here  an  IT  manager  is  looking  for  all  users  with  Samsung  devices  to  figure 
out  how  many  employees  will  need  the  updated  versions  of  the  Samsung 
handsets  that  the  user's  carrier  is  offering.  Asset  Manager  presents  each 
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|  Search  All  jJ 

(7  Include  Sub-Departments 

Quick  Find 

You  may  use  an  asterisk  to  search  by  partial  field,  for  example:  512* 

which  reside  in  a  different  spectrum  band  than  do  U.S. 
GSM  services. 

Rather  than  let  employees  expense  phone  equipment, 
Getronics  buys  it  all,  including  phone  accessories  such  as 
headsets,  wireless  modems,  leather  cases  and  even  spare 
batteries.“We  can  buy  better  equipment  at  any  given  time 
because  we  have  centralized  purchasing  power”  Pallini 
says.“We’re  able  to  keep  everyone  pretty  current.” 

However,  one  thing  workers  can’t  get  from  Getronics  is  a 
car  adapter  to  charge  their  phones.  The  company  pro¬ 
hibits  cell  phone  use  while  workers  are  driving  and  main¬ 
tains  that  giving  users  an  adapter  might  encourage  them 
to  ignore  the  policy“If  employees  buy  a  car  adapter,  it’s  at 
their  own  risk  and  liabilityT  Pallini  says. 


Suppliers  send  phones  directly  to  users,  but  also  give  the 
company  a  complete  inventory  Some  device  information 
is  updated  automatically  in  Getronics  Asset  Manager  tool 
with  electronic  files  the  carriers  supply,  although  others 
only  provide  reports  that  must  be  entered  manually  into 
Getronics  inventory 

Because  every  device  is  specific  to  a  user  and  every 
user  is  specific  to  a  cost  center,  the  tool  is  useful  in  track¬ 
ing  chargeback,  when  users  need  new  phones 
and  which  devices  need  to  be  repossessed  as 
employees  leave  the  company. 

Getronics’  human  resources  department  fills 
out  a  form  for  the  IT  department  before  con¬ 
ducting  an  exit  interview  with  an  employee.  IT 
looks  up  the  user  and  lets  HR  know  which 
devices  should  be  returned. 

“Understanding  what  1  have  out  there  helps 
me  take  proactive  action,”  Pallini  says.“Often  I’ll 
go  to  one  of  our  carriers  and  say  we  need  an 
equipment  refresh.  1  can  do  this  because  I 
know  what  we  have  out  there.  Before  I  had  no 
clue,  and  it  was  too  difficult  to  deal  with.” 

Pallini  chose  Traq  because  the  service  was 
unique  at  the  time,  noting  that  it  offers  “the 
most  intuitive  tool  and  is  easy  to  use.  We’ve 
seen  a  400%  to  500%  return  on  investment. 

“The  power  of  having  the  information  ready 
at  any  moment  is  compelling,”  Pallini  says. 
“I  use  it  when  I  negotiate  with  providers,  talk 
with  mobile  users  and  for  my  own  reporting 
tools.” 

Companies  that  offer  similar  services  include 
MSS  Wireless,  formerly  Digital  Reliance.  Xcelle- 
net’s  Afaria  and  Novell’s  ZENworks  for  Hand¬ 
helds  specifically  offer  management  and  track¬ 
ing  tools  for  PDAs  or  handheld  PCs,  and  carri¬ 
ers  provide  some  tools  that  analysts  say  aren’t 
very  sophisticated. 

“Asset  tracking  is  a  critical  first  step  in  lower¬ 
ing  wireless  spend,”  says  Michael  Voellinger, 
wireless  service  director  at  Telwares,  a  consulting  firm  that 
helps  business  users  negotiate  contracts  with  service 
providers.  The  RFP  process  relies  heavily  on  accurate 
baseline  of  wireless  inventory, Voellinger  says. 

While  wireless  usage  policies  initially  were  established 
to  control  expense,  Voellinger  says  they’re  now  struc¬ 
tured  around  mitigating  loss.  “A  PDA  full  of  proprietary 
information  that’s  stolen  could  be  a  real  nightmare," 
he  says. 

This  analogy  sums  up  the  topic  well.Wireless  asset  track¬ 
ing  is  a  lot  like  key  control,  says  Brick  Thompson,  interim 
CEO  at  MSS  Wireless  —  you  do  it  not  because  you  care 
about  the  cost  of  the  key  but  the  cost  of  the  key  in  the 
wrong  hands.  ■ 
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Rack  View™ 

KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 


Rose  Electronics 
10707  Stancliff  Road 
Houston,  Texas  77099 


ROSE  US  +281  933  7673 

ROSE  EUROPE  +44  (0)  1 264  850574 

ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1540 


- 

allows  single  or  multiple 
stations  to  have,  local  or  remote  access  to 
multiple  computers  located  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
Pf  arid.'opft rating  systems.  KVM  switches  have 
^•tradihOFraify’ provided  cost  savings  in  reducing 
energ/and  equipment  costs  while  freeing  up 
:t;  'valuat)fere3!  estate.- 
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pioneer  of  KVM  switch 
technology,  iRose  Electronics  offers  the 
industry's  most  comprehensive  range  of 
server  management  products  such  as  KVM 
svvitches,;extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 

.  Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 


UltraMatrix  Remote 

REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 


•  Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

•  High  quality  video  up  to  1280  x  1024 

•  Scaling,  scrolling,  and  auto-size  features 

•  Secure  encrypted  operation  with  login  and  computer 
access  control 

•  Advanced  visual  interface  (AVI) 

•  No  need  to  power  down  servers  to  install 

•  Free  lifetime  upgrade  of  firmware 

•  Available  in  several  models 

•  Easy  to  expand 

800  333  9343 

WWW.ROSE.COM 


Connects  up  to  1000  computers  to  a  KVM  station 
Models  for  4,  8,16  computers 
Advanced  visual  interface  (AVI) 

Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

Free  lifetime  upgrade  of  firmware 

Security  features  prevent  unauthorized  access 

Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 

simultaneous  booting 


•  Easy  to  expand 
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SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


Anywhere,  Anytime  Secure 
Console  Port  Management 


AVWorks®  management  software  and 
the  CCM  console  manager  integrate 
with  Avocent  KVM  over  IP  switches 
and  intelligent  power  controllers  to 
offer  total  data  center  management 
from  a  single  application. 


Power  Devices  In  Rack 

Control 


Linux  Server 


Windows  Server 


Unix  Server 


Serial 


Switch 


Router 


CCM1640 


Modem 


Dial  Access  Client 


Telnet 


Client 


SSH 

Client 


Console  management 
solutions  include: 


Local  Terminal 


SSH  v2/Telnet  host 
Strong  authentication 
Offline  buffering 
SUN  break  safe 
In/out  of  band  access 
Point  and  click  access 


AVWorks 
Software  Client 


With  the  CCM  console 
manager  you  can: 


Be  organized 
Tighten  security 
Manage  users 
Establish  permissions 
Be  proactive 
Log  critical  events 


product  evaluation,  call  1-800-275-3500  ext.  247  or  954-746-9000  ext.  247 


Download  your  free  guide! 

8  Key  Reasons  Why  Administrators 
Rely  on  Console  Port  Management 
Solutions  at  www.equinox.com/ccm4 

For  a  30-day 


When  business  critical  servers  or  networks 
malfunction,  the  Equinox  CCM  console 
manager  gives  you  the  tools  to  securely 
and  quickly  restore  normal  functionality. 


Available  in  8  and 
16-port  models. 

Call  for  more  details 
on  48-port  model. 


©  2004  Avocent  Corporation.  Equinox  and  AVWorks  are  trademarks  or  registered  trademarks  of  Avocent  Corporation  or  its  affiliates.  All  other  marks  are  the  property  of  their  respective  owners. 


Fingerprint  Authentication  Scanner  Enterprise  KVM  Solutions  Advanced  Console  Servers  Network  Management  Gateway 

AlterPath™Bio  AlterPath™KVM  AlterPath™ACS  AlterPath™  Manager 

Cyclades'  data  center  management  solutions  offer  a  full  range 
of  security  features  across  its  entire  product  line  of  console  servers, 
power  management,  KVM,  biometric  scanner  and  network  management 
With  SSH  v2,  IP  Filtering,  strong  authentication,  event  logging  and 
data  logging,  Cyclades  can  make  your  network  into  a  secure 
heavyweight  contender  in  the  data  center  world. 


Intelligent  Power  Distribution  Units 

AlterPath"  PM 


For  a  FREE  white  paper  on  data  center  security,  please  visit  us  at  www.cyclades.com/securitywp 


www.cyclades.com/nw 

1.888.cyclades  •  1.888.292.5233  •  sales@cyclades.com 
©2004  Cyclades  Corporation.  All  rights  reserved.  All  other  trademarks  and  product  images  are  property  of  their  respective  owners.  Product  information  subject  to  change  without  notice 
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Power  over  the  Internet 


Servers,  routers,  and  other  electronic  equipment  sometimes 
“lock-up,”  often  requiring  a  service  call  to  a  remote  site  just  to  flip 
the  power  switch  to  perform  a  simple  reboot... 

The  NBB  “Mini”  Boot  Bar  Power  Switch,  gives  you  the  ability  to 
perform  this  function  from  anywhere! 

a  Web  Browser  Access  for  Easy  Operation 
m  Telnet  and  Serial  Access 
a  Encrypted  Password  Security 
B  Five  Individual  Outlets 
B  Power-up  Sequencing 
B  On  /  Off  /  Reboot  Switching 
H  Versatile  Zero  U  Mounting 


www.  wti.  com  (800) 


854-7226 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  926  1  8-25  1  7 


"Keeping  the  Net...Working!" 
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Custom  Management  Levels 

OBSERVER 

•  Decode  over  500  protocols 

•  Long-term  network  trending  &  analysis 

■  .  . 

•  Real-time  statistics 

■ 

EXPERT  OBSERVER 

•  What-lf  Modeling  Analysis 
■;  •  Expert  Analysis 

•^Connection  Dynamics 


OBSERVER  SUITE 

.  •  Complete  SNMP  device  management 
•  Supports  full  RM0N1,  RM0N2,  HCRMON 


Remote  &  Hardware  Options 

REMOTE  NETWORKING  PROBES 

•  Fully  distributed 

•  Monitor  up  to  64  NICs  simultaneously 

•  New  levels  of  problem  solving  collaboration 

GIGABIT  &  WAN  HARDWARE  OPTIONS 

•  Portable  analyzer  systems 

•  Rack-mount  Probes  ready  to  go 

•  Direct,  passive  link  for  independent  views 


Test-drive  the  new  Observer  9  today  and  see  how  it  immediately 
finds  problems  you  didn’t  know  you  had,  optimizes  network  traffic 
and  provides  insight  for  future  planning.  Call  800-526-5958  for 
a  full  featured  evaluation  or  visit  our  website  at 

www.networkinstruments.com/nine 

- - 

Introducing  Observer  9 

•  New  Application  Analysis 

•  Remote  probes  now  provide  multi-interface  and 
multi-session  support 

•  Industry-first  4GB  packet  capture  buffer 

•  Wireless  Site  Survey  Modes 

•  Nanosecond  resolution 

•  Now  over  450  Expert  Events 

•  SNMP,  RM0N  and  now  HCRMON  support 


IT  HAPPEN. 
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APC  solves  top  4  rack  problems. 


Solve  your  most  pressing  rack  problems: 

1)  cabling  nightmares  2)  hot  spots  3)  blown 
circuit  breakers  4)  brand  incompatibility. 

The  APC  NetShelter®  VX  lets  you  easily 


respond  to  future  requirements  and  change. 
Plus,  the  NetShelter  VX  comes  with  the 
"Fits  Like  a  Glove”*  money-back  guarantee 
to  ensure  compatibility  with  all  IT  equipment. 


Whether  you  need  a  simple  solution  or  are 
thinking  big,  you  can  depend  on  just  one  ven¬ 
dor  of  choice.  Visit  us  today  at  www.apc.com. 


HP/COMPAQ  •  SUN  •  IBM  , 


GUARANTEED 

COMPATIBILITY 


DELL  »  CISCO  •  LUCENT  J 


*"Fits  Like  a  Glove"  guarantees 
that  all  brands  of  EIA-3I0-D 
compliant  equipment  fit  inside. 


NetShelter® VX  Enclosures  ix -cfrtififdi 

Next  generation,  high-quality  enclosures 

•  Fully  ventilated  front  and  rear  doors  with  enhanced  ventilation  pattern  maximize  airflow 

•  Overhead,  base  and  side  cable  access  provides  easy,  integrated  cable  management 

•  Rear  Cabling  Channel  (42"deep  versions  only)  allows  for  easy  installation, 
access  and  serviceability  of  both  data  cables  and  power  distribution 

•  Available  in  multiple  configurations:  35.5"  deep,  42"  deep,  beige  or  black 


NetShelter®  Open  Frame  Racks  ix-nFRTiFiFm  [4-Pn^t nniy] 

Economical  solutions  for  wiring  closets  and  networking  applications 

•  Designed  to  accommodate  networking  devices  such  as  hubs,  routers  and  switches 

•  Industry  standard  7'  high  design  provides  45U  of  equipment  mounting  space 

•  Self-squaring  design  allows  one-person  assembly 

•  Made  of  high-strength  6061 -T6  structural-grade  aluminum 

Rack  Air  Removal  Unit  (ARU)  (x -certififdi 

Heat  removal  for  enclosures  in  IT  rooms  and  data  center  hot  spots 

.  Enables  up  to  7.5kW  of  power  consumption  in  a  rack,  without  taking  up  U  space 
.  Automatic  fan  speed  adjustment  leads  to  greater  energy  efficiency 
.  Dual-power  input  cords  allow  the  unit  to  attach  to  redundant  power  sources 
.  Ducting  kit  to  drop  ceiling  plenum  allows  higher  temperature  from  equipment 
exhaust  to  be  delivered  directly  to  A/C  return  stream 


Power  Distribution  Units  (x-p. frtififd) 

Distribute,  monitor,  and  remotely  control  power  in  rack  enclosures 

•  Basic:  Vertically  and  horizontally  mounting 
with  a  range  of  amps  and  voltages 

•  Metered:  Ability  to  monitor  the  current  draw  and  set  alarm  thresh¬ 
olds  that  when  exceeded,  provide  both  visual  and  audible  alarms 


•  Switched:  Offer  individual  outlet  control,  power  on  and 
off  displays,  current  monitoring,  alarm  thresholds  and 
network  management. 


Environmental  Management  Unit  ix -rrRTiriFm 

Networked  appliance  enables  management  of  a 
wide  range  of  access  and  environmental  conditions 

•  Browser-accessible  1U  rack-mountable  appliance 

•  Monitor  third-party  devices  via  8  input  contacts 

•  Control  third-party  devices  via  2  output  relays 

•  Early  warning  notifications  to  appropriate  personnel 


LCD  Monitors  ix  cfriified) 

111  rackmountable  integrated  LCD,  keyboard  and  mouse 

•  Occupies  only  1U  of  rack  space  compared  to  the  10U 
to  13U  of  space  required  by  a  traditional  CRT  monitor 


Take  the  APC  Rack  Challenge,  find  out  how  the  new 
NetShelter®  VX  outperforms  your  brand  and  get  a  FREE  T-shirt* 

Visit  httpy/promojpcxom  Key  Code  q283y  •  Call  888-289-APCC  x6697  •  Fax  401-788-2797 

E-mail:  esupport@apa.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  •  APC1  B4EF-USb  •  'First  100  respondents  only, 

©2004  American  Power  Conversion  Corporation.  All  Trademarlcs  are  the  property  of  their  owners. 


APC 

Legendary  Reliability® 
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dtSearch 


dtSearch 


Instantly  Search  Gigabytes  of  Text  Across 
a  PC,  Network,  Intranet  or  Internet  Site 


Publish  Large  Document  Collections 
to  the  Web  or  to  CD/DVD 

♦  over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 

♦  highlights  hits  in  HTML,  XML,  &  PDF  while  displaying  embedded 
links,  formatting  &  ITfiTffiEEl 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet, 
email,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 

“The  most  powerful  document  search  tool  on  the  market” 
-Wired  Magazine 


‘Intuitive  and  austere  ...  a  superb  search  tool”  -PC  World  j 


‘Blindingly  fast”  -Computer  Forensics:  incident  Response  Essentials 

‘A  powerful  arsenal  of  search  tools”  -The  New  York  Times 

dtSearch  “covers  all  data  sources ...  powerful  Web-based  ) 
engines”  -eWEEK 


“Searches  at  blazing  speeds”  -Computer  Reseller  News  Test  Center  J 

In  the  past  two  years,  over  half  of  the  Fortune  15  purchased 
dtSearch  developer  or  network  licenses. 

1  -800-IT-FINDS  See  www.dtsearch.com  for: 

sales@dtsearch.com  ♦hundreds  of  developer  case  studies  &  reviews 

♦  fully-functional  evaluations 


dtSearch 
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[  suPerb 


Industrial-strength .. 
xunerb"-PC  Magazine 


"Industrial-strength.. 
Superb"— PC  Magazine 


Industrial-strength.. 
superb"-pc  Magazine 


♦  for  Win  &  .NET 
♦  for  Linux 

♦  call  for  pricing 


Publish 

for  CD/OVDs 


Industrial-strength .. 
cuDerb"-PC  Magazine 


"Industrial-strength . 


superb  -PC  Magazine 


♦  from  $2,500 


♦  from  $800 


The  Smart  Choice  for  Text  Retrieval®  since  1991 


•0AS  •  cobalt 


Tel:  408.727,1122 
Fax:  408.727.8002 

343  1  DE  LA  CRUZ  BLVD. 
WWW.RECURR  E  N T.C  DM 


'Wrm 

[DeCUMR^t 

tec i. n nl»"ies.  inc. 
SANTA  CLARA,  CA  95D54 
INFQ@RECURRENT.CDM 


0  renewed 


Systems/Peatures/Memory 

CISCO 


GBiC's/Cables/Parts 

Also  Available:  Extreme,  Adtran 

in  Stock  •  Fast  Delivery  •  No  Expedite  Charges 


COMSTAR,  INC. 

The  # 1  Network  Remarketer 

952*835*5502 

Fax  952*835*1927  www.comstarinc.com 


Y  Cabinet  Climate  Monitor  $389 


Ethernet/Web  Rack  Mounted 


Temperature 
Air  Flow 
Humidity 
Door  position 
Sound 
Light  Level 
Power 

Video  optional 
16  external  sensors 


Monitor  Multiple  Cabinets 

HTML  (no  client  needed) 
SMTP  (e-mail  alerts) 
SNMP  (MIB,  Traps) 
Graphing 
Console 


O  IT  Watchdogs 

See  it  working  at:  www.ITWatchdogs.com 

http://63.237.104.17  512-257-1462 


NetworkWorld 
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When  the  Power  Goes  Out 
Are  You  Still  Recording? 
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Don't  let  your  CCTV  system  or  security  network  go  down  because  the  power  fails. 
Keep  your  Digital  Video  Recorders  (DVRs),  cameras,  and  your  entire  security 
network  up  and  running  during  a  power  failure  with  an  uninterruptible  power  supply 
system  from  MINUTEMAN  UPS. 


Visit  us  online: 
www.minutemanups.com/nww 

Try  our  UPS  selection  tool: 

www.sizemyups.com 


■  Continuous  power  for  rack,  wall,  and  floormount  installations 

•  Extended  backup  runtime  options  available 

•  Remote  power  management  options  available 

•  3-year  warranties  on  most  models  -  the  longest  in  the  industry 


For  assistance  in  choosing  the  right  MINUTEMAN  UPS  product  for  your  system, 
call  us  at  800.238.7272  or  contact  one  of  our  national  distribution  partners. 
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works  to  your  advantage. 


INGRAM 


MICRO 


Power  Control 


m 


/ 


What’s  Your 
‘Current’  Load? 


Verify  Amps  Used  per  Circuit 
with  Sentry  Input  Current  Monitor 

•  Precisely  measure  the  current,  in  amps, 
for  each  power  circuit 

»  Prevent  overloads  on  existing  power  circuits 

•  Reduce  costs  for  additional  power  circuits 

•  Overcurrent  alarms 

»  Remote  Measurement  via  IP  or  RS-232 

•  Local  Measurement  via  digital  display 

Sentry  Power  Tower.  Equipment  Cabinet  Solutions. 


Server  Technology,  Inc.  ggail 

1040  Sandhill  Drive  Reno,  Nevada  8951 1  USA 
web:  www.servertech.com  toll  free:  1.800.835.1515 


Overheated? 

Plug  In 
The  Simple 
Solution. 


MovinCool  spot  air  conditioners  are 

the  answer  to  your  overheating  problems. 

Just  roll  it  in.  Plug  it  in.  Turn  it  on. 

It’s  that  simple. 

►  Up  to  60,000  Btu/h  of  cooling 
power  right  where  and  when 
you  need  it 

►  Protects  against  data  loss  and 
equipment  failure 

►#1  in  portable  air  conditioning 
for  over  30  years 

►The  only  portable  air 
conditioner  ETL-verified 
for  performance 


MCVINCOOL 

THE  #1  PORTABLE  SPOT  COOLING  SOLUTION 
800-264-9573  or  visit  www.movincool.com 


©2004  DENSO  Sales  California,  Inc.  MovinCool,  SpotCool  and  Office  Pro  are  registered  trademarks  of  DENSO  Corccr&itr.r 
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IT  EDUCATION,  TRAINING  &c  CERTIFICATION 


Advertising  Supplement 

iT  Careers:  Education  and  Training 


Most  folks  are  working  so  hard  that  there's  little 
time  to  think  about  adding  any  more  to  their 
schedule.  However,  adding  learning  and  capabilities 
has  long  been  the  recipe  for  maintaining  marketability 
among  IT  professionals. 

That's  changing  somewhat  as  U.S.  companies  are 
looking  for  more  than  certifications  du  jour.  They 
demand  a  more  complex  blend  of  skills.  The  result  is 
surging  enrollment  for  specific  courses  in 
undergraduate  and  graduate  degree  programs.  It  also 
has  meant  a  boon  to  companies  such  as  eCollege, 


which  provides  online  education  resources  for  post¬ 
secondary  institutions  and  businesses.  The  company 
estimates  that  enrollments  using  its  eLearning 
capability  will  total  1.2  million  in  2004  including 
close  to  half  a  million  distance  enrollments. 

Ken  Sardoni,  college  campus  chairman  for  technology 
programs  at  the  Utah  campus  of  the  University  of 
Phoenix,  says  the  important  consideration  is  to 
pursue  additional  skills  and  learning  that  can't  be 
sent  offshore.  The  detail  skills  -  coding  and 
implementation  -  can. 

"We  encourage  students  to  look  at  six  technical 
areas  in  general  -  networking,  database 
development  and  analysis,  programming,  web  design 
and  business  systems  analysis,"  says  Sardoni,  who 
worked  for  13  years  at  Oracle  before  going  into 
education.  "When  you  find  a  piece  of  technology  you 
like,  such  as  database  or  networking,  then  you  go 
deeper.  And  you  need  to  understand  the  business 
processes  so  that  you  can  apply  technology  point  to 
point  through  the  whole  value  chain  of  a  business. 
That's  something  that  cannot  be  outsourced." 

University  of  Phoenix,  which  now  enrolls  more  than 
200,000  degree-seeking  students  through  a 
combination  of  classroom  and  distance  learning 
capabilities,  has  seen  the  most  demand  for  IT 
professionals  who  have  business  acumen  in  health 
care,  biosciences,  insurance  and  financial  services. 
"The  other  (category),  interestingly,  is  in  education. 
The  development  of  online  classes,  simulations, 


classroom  augmentation  and  even  publishing  of 
materials  rests  on  information  technology.  In  July 
(2003)  we  had  more  than  600,000  downloads  from 
our  electronic  library  to  support  student  research. 
Technology  is  allowing  us  to  move  into  smaller 
markets  with  a  blend  of  campus  and  online 
instruction,  reaching  people  who  have  not  been 
reached  before." 

Laurie  Jadick,  vice  president  of  human  resources  for 
IT  services  company  Cognizant,  said  companies  must 
change  too,  providing  a  more  creative  venue  for 
learning  and  timing  of  that  learning.  "People  will  give 
up  personal  time  for  learning  when  they  see  that  it  is 
relevant,"  she  says.  Jadick  also  points  to  the  need  for 
interaction  during  learning,  not  just  electronic 
learning.  "We  all  need  that  energy  level  and 
interaction  to  get  a  bigger  bang  for  the  buck." 

Jadick  evaluates  learning  style  as  part  of  hiring 
criteria.  "We  want  people  who  learn  in  an  aggressive 
manner  -  who  pull  their  chair  up  next  to  smart 
people  and  learn  from  them.  We  ask  people  not  just 
what  they  know,  but  how  they  learned  it." 


For  more  information  about  IT  Careers 

advertising,  please  contact:  Nancy  Percival 

Vice  President,  Recruitment  Advertising 

800.762.2977 

500  Old  Connecticut  Path 

Framingham,  MA  01701 

Produced  by  Carole  R.  Hedden 


www.wgu.edu/IT  1  -866-225-5948 


Earn  your  degree  -  online! 

Use  your  IT  experience  or  certification  toward  the  completion  of  your  degree. 

Flexible  programs  for  busy  adults: 

BS  Computer  Information  Systems 
BS  Information  Technology  -  Network  Management* 

BS  Information  Technology  -  Project  Management* 

BS  Information  Technology  -  Security* 

BS  Information  Technology  -  Software  Development* 

BS  Business  -  IT  Management 
AS  Information  Technology 

*  Your  certification  may  waive  some  degree  requirements. 

Online.  Accelerated.  Affordable.  Accredited. 

Federal  financial  aid  available _  Regionally  accredited 


"Start  as  early 
as  next  month 


Scholarships 


Avaiabe! 


You've  been  to  those  other  human  resources 
technology  conferences.  Same  old  stuff. 

Today,  you  need  to  learn  more,  not  more  of  the  same. 


r 


COWfr.REM.CE  a  expo! A/f  ‘1  it 


April  14-15,  2004 

New  York  Hilton  Hotel  &  Towers,  New  York  City 


is  the  one  conference  the 
HRMS  pro  MUST  ATTEND  in  2004! 
Miss  this  and  you  miss 
the  last  train  to  the 
future  of  HR  technology.'' 


Tec  MR  World  Is  part  of. 

1 1  ROD 
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HRweek 


-  Marc  Pramuk,  Program  Manager 
HR  Management  &  Staffing  Services,  IDC 


Computerworld  •  InfoWorld  •  Network  World  •  April  5,  2004 
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Looking  For 


A 

New  Career? 


The  new 

itcareers.com 

and 

CareersJoumal.com 

combined 

jobs  database 

can  help  you 

find  one. 

Check  us  out! 


www.itcareers.com 


Sr  Software  Developer:  Design 
and  develop  client/server  and 
web-based  applications  in  open 
environment  including  designing 
and  developing  GUI  and  data¬ 
base,  performance  systems 
analysis  and  designing  and 
developing  and  testing  and 
installing  custom  software  sys¬ 
tems.  Analyze  and  design  busi¬ 
ness  processes  through  data 
modeling  and  process  modeling. 
Requires:  Bachelors  degree  in 
Computer  Science  and  five 
years  experience  in  Software 
Development.  Demonstrated 
ability  in  C/C  ++,  Visual  Basic, 
MFC,  SQL,  OLE,  COM/DCOM, 
HTML/DHTML,  XML,  ASP  and 
VB  Script.  40hrs/wk  (9:00  a.m. 
to  5:00  p.m.)  $92,000.00/yr. 
Send  two  resumes/responses 
to:  Case  Number  200203744, 
Labor  Exchange  Office,  19 
Staniford  Street,  1st  Floor, 
Boston,  MA  02114. 


Programmer  Analyst.  Analyze 
reqmts,  recommend  dsgn,  per¬ 
form  data  mapping,  prgmg, 
dvlpmt  &  testing  using  Oracle 
Reports  6i,  Oracle  Forms  6i, 
SQL,  PL/SQL,  SQL*Loader, 
Toad,  Taviz  Integration  Adapter 
&  Windows.  Bachelors  or  equiv 
in  Comp  Sci/Engg,  Info 
Systems,  Electrical,  Electronics 
or  related  Engg.  1  yr  exp  in  job 
offd  or  as  IT/software  profl  using 
above  computer  skills.  40hr/wk 
8a-5p.  Resume  to:  Ultra 
Telecom,  Inc,  1600  Oakbrook 
Dr,  Ste  520,  Norcross,  GA 
30092. 


Programmers  &  Software  Engin¬ 
eers  (Chicago,  IL  &  Atlanta,  GA): 
Analyze,  design,  develop,  test  & 
implement  specialized  apps.  in 
(a)  WebMethods  Oracle  Apps 
1 1  i,  Siebel,  JD  Edwards,  Clarify 
&  rel.  tools;  (b)  HIPAA,  Telecom, 
Banking  Apps.  in  Mainframe  / 
Oracle,  Java,  SQL  Server  and 
rel.  tech.;  (c)  Ariba  Buyer  / 
ORMS,  SAP,  JD  Edwards, 
Mainframe  /  Mid-Range,  Java 
Suite  &  rel.  tools;  (d)  Java  Suite, 
Rational  Rose,  MQ  Series, 
WebLogic,  Jakarta  Digester, 
UNIX  Scripts,  WebSphere,  DB2, 
LDAP  Server  &  rel.  tools,  on 
Windows  /  Unix  /  Sun  Solaris. 
Send  resume  to,  HR,  906  Lacey 
Ave.,  Suite  #  200,  Lisle,  IL 
60536.  EOE. 


Innovision  Technology  is  looking 
for  system  analysts  and  soft¬ 
ware/project  engineers.  Minim¬ 
um  BS/MS  with  experience 
using  Rational  ClearCase/Clear- 
Quest  Multisite  and  PVCS.  Exp. 
in  Tl  OMAP,  Tl  TMS470  pre¬ 
ferred.  Please  send  resumes  to 
iti@innovisiontech.com.  EOE. 
No  calls. 

Enduenet  is  a  company  special¬ 
ized  in  developing  medical  re¬ 
cord  software.  It  is  looking  for  IT 
professionals  with  experience  in 
this  field.  Qualified  applicants 
must  have  BS/MS  equivalent 
with  skills  in  VB,  C++,  VC++, 
and  OOAD.  Please  send  resum¬ 
es  to  contact@enduenet.com. 
EOE. 


Software  Engineer  (Mobile 
Switch  Interfaces)  sought  to  per¬ 
form  s/w  prod  design,  sys  analy¬ 
sis,  &  programming  activities; 
write  functional  &  design  specs, 
prep  prod  sub-sys  tech  docs, 
conduct  unit  testing  &  integra¬ 
tion  testing  for  new  functionality 
&  participate  in  prod  design  mtgs 
w/  sr  team  members;  perf  s/w 
defect  verification,  release  test¬ 
ing,  &  beta  supp  for  prods.  Bach 
in  CS,  EE,  or  related  req'd  +  2 
yrs  exp  in  SS7  for  SCP  Forward 
2  resumes  to  Lightbridge,  Inc. 
320  Interlocken  Pkwy,  Broom¬ 
field,  CO  80021,  Attn:  Pat 
Jensen.  Job  #  1465.0041 


Global  Tek,  Inc.  has  opportunities 
in  Naperville,  IL;  Madison,  Wl  & 
Fairfield,  NJ  areas  for  experi¬ 
enced  Computer  Professionals 
(multiple  openings),  w/relevant 
education  &  experience  in  VB 
Script,  Perl,  Erwin,  C,  C++, 
VC++,  IPIanet,  ASP,  HTML, 
DHTML,  Java  Script,  Sybase, 
Oracle,  SQL  Server,  SQL,  T-SQL, 
MS  Access,  Business  Objects, 
Crystal  Reports,  DB2,  Windows 
NT,  CEML,  Linux,  IIS,  UNIX,  PL/ 
SQL,  Cognos,  Brio,  ODBC 
Connectivity,  Netscape  Enter¬ 
prise  Server.  Application  Server 
of  Cold  Fusion,  Data  Modeling, 
Informatica,  ETL  application,  e- 
business  intelligence,  Data¬ 
warehousing,  SAS,  ERP,  CRM, 
RDBMS-Oracle,  GUI  Tools,  ASP, 
J2EE,  JSP,  JDBC,  Java  script, 
EJB,  Weblogic,  ASR/TTS,  CTI. 
40%  travel  to  client  sites  reqd. 
Send  resumes  to:  Global  Tek, 
Inc.,  277  Fairfield  Rd.,  Suite  108 
A,  Fairfield,  NJ  07004. 


Programmers  &  Software 
Engineers:  Design/Develop 

Server  side/GUI/web  enabled 
apps.  in  Microsoft. Net/related 
tools  suite,  Java  suite,  SQL 
Server/Oracle,  Coldfusion, 
COBOL,  Data  Dictionary/  Data 
Diagram,  AS400  &  rel.  tools. 
Attn:  HR,  6962  Main  St.,  Suite 
105,  Woodstock,  GA  30188. 


Software  Engineers  needed. 
Waltham,  MA  based  company 
has  postions  available  for  quali¬ 
fied  candidates  possessing  MS 
or  equivalent  with  relevant  work 
experience.  Duties  include: 
Design,  develop,  implement  and 
customize  software  applications 
for  various  business  clients 
using  3  of  the  following:  Sun 
Solaris,  Weblogic,  Unix,  C,  C++, 
VB,  VC++,  Java,  .NET,  EJB, 
ASP,  Crystal  Reports,  Win- 
Runner,  Business  Objects, 
Lotus  Notes,  IBM  Websphere, 
Javaservlets,  Perl,  Corba, 
HTML/XSL/XML,  DHTML,  COM/ 
DCOM,  PL/SQL  &  Oracle/ 
Sybase  databases.  Mail  resume 
to  Iconsoft  Inc.  751  Main  Street 
Suite  9  Waltham,  MA  02451 . 


Instructor,  Graphic  Design. 
Teach  classes  in  Graphic 
Design  for  bilingual  use  in 
Japanese  and  English.  Prepare 
curriculum,  conduct  diagnostic 
tests  &  conduct  classes  in  appl. 
of  Maya,  Shake,  Photoshop  & 
Flash  in  graphic  designing. 
Administer  tests  &  grade  stu¬ 
dents.  Provide  counseling.  Req: 
Bachelors  in  Fine  Arts/Multi¬ 
media  Arts  &  Tech.  &  ability  to 
read  and  write  Japanese  & 
English.  40hrs/wk.  Job/Inter¬ 
view  Site:  LA,  CA.  Send  resume 
to  Studio  Arts,  Ltd.  @  570  W. 
Avenue  26,  #425,  LA,  CA 
90065. 


System  Analyst.  Perform  com¬ 
puter  system  analysis  &  pro¬ 
gramming  to  meet  client's 
requirements;  develop  interface 
using  ASP  &  VBCOM;  use  Unix 
components  including  C++  ob¬ 
jects  &  Java  classes  with  a 
Tomcat  web  server.  IBM  MQ  on 
Unix  is  used  communicate  with 
backend  systems  using  IBM  MQ 
on  Unix;  design  &  develop  COM 
objects  for  validation  for  EAS; 
provide  authentication  &  security 
control.  Req:  Bachelor  or  equ. 
(accept  3-yr  college+PG  diplo¬ 
ma  or  2-yr  exp  as  equ),  1-yr  exp 
as  Programmer  or  Analyst  or  IT 
Consultant.  40hrs/wk,  8-5pm, 
$47k/yr.  Send  resume  to  Job 
Order  #  2004-324,  PO  Box  989, 
Concord,  NH  03302-0989. 


Goes  to  Dice.com  first  for  complete  tech  career  guidance 


Look  to  tho  tech  louder  first. 


Only  tech  jobs  •  Career  guidance 
Salary  info  •  Daily  job  notification 
Training  &  certification 


Software  Development  Engineer 
-  Design  and  develop  software 
for  serial  bus  testing  instrument 
for  MIL-STD-1553B  and  RS- 
232C  systems.  Design  and 
develop  enhancements  for  auto¬ 
mated  test  equipment  operating 
environment  software  that  inte¬ 
grates  a  number  of  other  appli¬ 
cation  development  environ¬ 
ments.  Use  object-oriented 
design  skills,  C++  for  coding, 
knowledge  of  MIL-STD  1553B 
and  TIA/EIA-232C  bus  proto¬ 
cols,  VXIplug&play  specifica¬ 
tions  and  experience  in  XML 
DOM/SAX,  Microsoft  ATL/COM, 
Microsoft  VisualStudio  develop¬ 
ment  environment,  national 
instruments  measurement  stu¬ 
dio  LabView,  TestStand,  and 
Agilent  VeePro  and  TYX  PAWS. 
Fix  bugs  and  enhance  products. 
Requirements  include  a 
Master's  degree  or  equivalent  in 
Computer  Science,  an 
Engineering  discipline  or  related 
field.  No  work  experience 
required.  Applicants  must  have 
unrestricted  authorization  to 
work  in  the  United  States.  Salary 
$75, 177/year.  40  hours/wk. 

Respond  with  two  copies  of 
resume  to  Case  #200203613, 
Labor  Exchange  Office,  19 
Staniford  St.,  1st  FI.,  Boston,  MA 
02114. 


Computer  Programmer  want¬ 
ed  to  convert  project  specifi¬ 
cations  and  statements  of 
problems  and  procedures  to 
detailed  logical  flow  charts  for 
coding  into  computer  lan¬ 
guage  and  conduct  quality 
check  and  related  duties.  BS 
in  CS  or  related  major  and 
one  year  related  experience 
required.  Send  resume  to 
Gale  Finance,  Human 
Resources,  1507  E.  53rd  St., 
Suite  #239,  Chicago,  IL, 
60615.  No  walk-in. 


Multiple  positions  in  Atlanta  for 
Programmer/Analysts  to  ana¬ 
lyze,  design,  develop  appls 
using  C,  JAVA  with  DB2,  .NET, 
JavaScript,  HTML/DHTML,  EJB, 
ASP.NET,  C#,  JSP,  ASP,  Serv¬ 
lets,  UML,  Oracle,  SQL  Server, 
Sybase,  Natural,  4GL,  XSTL 
Web  services,  Remedy,  ETL, 
Abinitio,  Cognos,  Informatica, 
Actuate,  Mercury  Suite,  Rational 
Test  Suite,  Tibco,  Clear  Quest, 
Tapestry,  Resign.  Perform  initial 
study  of  req  and  provide  feed¬ 
back;  provide  on  site  mainte¬ 
nance  support,  debug  modify 
fine  tune  and  perform  code  opti¬ 
mization.  Require:  BS  or  Equiv. 
in  Engineering  &  2  years  rele¬ 
vant  experience.  Multiple  posi¬ 
tions  in  Atlanta  for  Business 
Development  Managers  with  an 
MBA  and  3  years  of  experience 
in  Sales,  Recruiting,  Contract 
Approval,  Deviation  Approval, 
Technical  Feasibility,  Financial 
Viability,  Delivery  Viability,  Infra¬ 
structure  and  Resource  viability 
Frequent  Travel  and  relocation 
involved  for  both  positions.  Mail 
Resumes  with  cover  letter  & 
position  applied  for  to  H  R 
Manager,  FutureTech  Consult¬ 
ants  LLC,  330  Research  Court, 
Suite  300,  Norcross.  GA  30092. 


Application  Developers. 
DMS  &  auto  products  using 
Vis  Interdev,  VB,  VC++, 
SQL  Server  2000  &  ASP/IIS 
5.0.  BS  CS  or  Engg.  &  2  yrs 
programmer,  dev.  or  ana¬ 
lyst.  Resumes  to:  K. 
Cramer,  Reynolds  & 
Reynolds,  POB  2608, 
Dayton  OH  45401 


Software  Engineer 

iGenesis  delivers  innovative  IT 
solutions  to  business  clients 
nationwide.  We  have  immediate 
full  time  opportunities  for  Soft¬ 
ware  Engineers  &  Program¬ 
mers.  We  are  seeking  candi¬ 
dates  with  experience  in  design, 
development,  implementation 
and  maintenance  of  financial 
systems  applications. 

Design  and  code  a  solution  that 
integrates  the  client's  informa¬ 
tion  systems  using  programming 
languages  on  UNISYS  platform, 
J2EE,  Oracle,  Unisys  A  Series, 
Mainframe  environment,  Unix/ 
Windows  operating  system  and 
Lawson  ERP  system.  Require 
experience  in  preparing  func¬ 
tional  requirements,  design  spe¬ 
cifications  &  generating  reports. 

Seeking  dependable  and  Total 
Quality  customer  service  orient¬ 
ed  candidates  for  the  positions. 
Require  Bachelor's  degree  in 
Computer  Science,  Engineering 
or  related  field  with  2  yrs  of  ex¬ 
perience  in  the  job  offered.  Job 
involves  frequent  traveling  as 
required  by  the  project. 

We  offer  excellent  salary  &  ben¬ 
efits  package  for  40  hrs/wk,  8:00 
to  5:00  p.m.  Send  resume  to: 
iGenesis,  LLC,  942  Parkton  Dr, 
Waukesha  Wl  -  53189  or 
job41923@igenesisonline.com 


Programmer  Analyst  w/exp  to 
analyze,  design,  develop,  test  & 
implement  web  oriented  &  cus¬ 
tom  built  applications  using 
J2EE  Technologies,  HTML,  Java 
Script,  JSP,  ASP,  Oracle,  Sy¬ 
base,  ClearCase  &  CVS.  Per¬ 
form  code  impact  analysis/ 
reviews  for  functional  perfor¬ 
mance,  capture  &  publish  per¬ 
formance  status  for  the  code 
changes  to  improve  the  system 
performance  to  meet  production 
standards  using  custom  built 
test  bed  on  Unix  Platforms.  Mail 
resumes  to:  Open  Systems 
Technologies,  Inc.,  119  East 
20th  Street,  Suite  202,  Houston. 
TX  77008.  No  in  person  res- 
umes/interviews;  only  respond 
by  mail. 
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IT  PROFESSIONALS 

Senior  Consultant 

POSITION:  Senior  Consultant 
(Glen  Mills.  Pennsylvania  and 
other  locations  through  the  U.S.). 
Provide  consulting  services  for 
research,  design,  development, 
maintenance,  testing  &  enhance¬ 
ment  of  software  packages  8 
standalone  and  web  based  appli¬ 
cations  using  Java  and  C++  as 
the  programming  language  8 
accompanying  J2EE  technolo¬ 
gies  including  Java  Servlets,  JSP 
(Java  server  pages),  Java  Swing 
Classes,  JDBC  (Java  database 
connectivity),  JNI  (Java  Native 
Interface)  and  Rational  Rose. 
Administer  UNIX  (AIX)  systems, 
Windows  NT  servers,  DB2  data¬ 
base  &  WebSphere  applications 
server.  Lead  the  development 
team  in  the  design  8  develop¬ 
ment  of  applications,  define  the 
workflow  8  ensure  deliverables 
are  complied  in  a  timely  manner. 
Ensure  compliance  with  quality 
assurance  procedures  8  review 
of  team's  work.  Facilitate  the 
development  of  project  propos¬ 
als.  Transfer  knowledge  &  skills 
to  client  personnel.  Assist  en¬ 
gagement  managers  in  the  for¬ 
mulation  &  definition  of  computer 
information  systems  scope  8 
objectives  through  research  8 
fact  finding  to  develop  or  modify 
moderately  complex  information 
systems  tailored  to  client's  man¬ 
agement  requirements.  Select, 
customize  8  lead  applications  of 
tools  8  methodologies  to  meet 
proposals  8  engagements 
needs. 

WAGE:  $77, 020/year 

Hours  worked:  Monday-Friday 
9:00am-5:00pm 

MINIMUM  REQUIREMENTS: 
Bachelor’s  degree  or  equivalent 
in  Computer  Science,  Engineer¬ 
ing  (any  type).  Math,  Business 
Administration  or  Information 
Systems  +  4  years  exp.  in  the  job 
offered  or  4  years  exp.  as  a  Sen¬ 
ior  Consultant,  Consultant,  De¬ 
veloper,  Software  Engineer,  Sys¬ 
tems  Administrator.  Related  ex¬ 
perience  must  include  develop¬ 
ment.  design,  testing  and  main¬ 
tenance  of  software  packages 
and  web-based  applications  us¬ 
ing  Java  Servlets,  JSP,  Java 
Swing  Classes,  JDBC,  JNI  and 
Rational  Rose;  Administration  of 
UNIX  (AIX)  systems,  Windows 
NT  servers,  DB2  database  and 
WebSphere  application  server; 
and  at  least  one  year  working 
within  the  public  sector.  Employ¬ 
er  will  deem  foreign  educational 
credentials  evaluated  by  an  eval¬ 
uation  service  to  be  the  equiva¬ 
lent  of  a  U.S.  degree. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number 
WEB404652  to  the: 

Philadelphia  NW  Careerlink,  FLC 
Unit  235,  W.  Chelten  Ave. 
Philadelphia,  PA  19144.  EOE. 

JAVA  DEVELOPER 

Analyze  8  dvip  existing  or  pro¬ 
posed  software  applns.  Dvip 
Java-based,  server  side  compo¬ 
nents  to  meet  client  specified 
user  reqmnts.  Dvip,  implmnt  8 
improve  progs,  applns  8  related 
procedures  to  process  data 
using  in-depth  knowledge  of 
software  dvlpmnt  life  cycle. 
Encode,  test,  debug  8  install 
operating  progs  8  other  appln 
software  utilizing  knowledge  of 
Java  prog,  tools.  Bach,  degree 
(or  equiv.)  in  Comp.  Sci.,  Math, 
Engnrg,  Bus.  or  Commerce  +  2 
yrs  exp.  in  position  offered  or  as 
a  Software  Engnr,  Prog.  Analyst 
or  Sys.  Analyst  reqd.  Exp.  must 
include:  (1)  Prog.  Langs:  Java, 
EJB  8  Swing;  (2)  Dbases: 
Oracle  or  DB2;  (3)  Applns: 
Websphere,  Weblogic  or 
Apache;  (4)  Operating  Sys.  must 
include  at  least  1  from  A  8  1 
from  B:  (A)  Sun  Unix,  HP  Unix 
or  AIX,  8  (B)  Windows  NT  or 
Windows  2000.  40  hrs/wk,  8am 
-  5pm,  $66,730/yr.  Qualified 
applicants  please  submit 
resume  to:  Manager, 

Washington  County  Team  PA 
CareerLink,  Millcraft  Center, 
Suite  150LL,  90  West  Chestnut 
Street,  Washington,  PA  15301- 
4517.  Please  refer  to  Job  Order 
No.  WEB  403666. 

SYNAPSE  GROUP,  INC.,  a 
leading  computerized  magazine 
marketing  company  is  looking  to 
hire  a  qualified  BUSINESS 
DEVELOPMENT  ANALYST  to 
research  potential  markets;  ana¬ 
lyze  statistical  data  to  forecast 
future  marketing  trends;  initiate 
and  produce  timely  and  accu¬ 
rate  reports/analysis  to  improve 
business  results;  and  to  develop 
and  maintain  sales  and  account 
management  reporting  systems. 
Qualified  applicants  are  required 
to  possess  at  least  a  Bachelors 
degree  in  Business,  Finance  or 
related  discipline.  Strong  PC 
skills  and  good  financial/ 
accounting  background  pre¬ 
ferred. 

The  company  offers  a  competi¬ 
tive  compensation/benefit  pack¬ 
age  and  an  environment  where 
achievements  are  recognized  8 
professional  growth  is  encour¬ 
aged.  Qualified  applicants  are 
encouraged  to  mail  resumes  to: 
Department  of  Human 

Resources,  Synapse  Group, 
Inc.,  Four  High  Ridge  Park, 
Stamford,  CT  06905. 

Computers  -  Software  Develop¬ 
ers  needed.  Seeking  qual.  can¬ 
didates  possessing  BS  or  equiv. 
8  rel.  work  exp.  Part  of  the  req. 
rel.  exp.  must  include  1  yr.  work¬ 
ing  with  J2EE,  Weblogic  8 
Websphere  Application  Servers. 
Exp.  designing  complex  web 
based  systems  w/complex  serv¬ 
er  side  framework  8  the  mort¬ 
gage  process  preferred.  Fwd. 
resume  8  ref.  to  Palisades 
Technology  Partners.  Attn:  HR, 
440  Sylvan  Ave.,  #210, 
Englewood  Cliffs,  NJ  07632. 

Software  Engineers  needed. 
Seeking  candidates  possessing 
BS  or  equivalent  and/or  relevant 
work  experience.  Part  of  the  req. 
rel.  work  exp.  must  include  2 
years  working  with  Oracle  and 
HTML  or  2  years  working  with 
Oracle  and  JBOSS.  Duties 
include:  Analyze,  design,  devel¬ 
op.  enhance,  and  maintain  appli¬ 
cations;  Plan,  test  and  docu¬ 
ment  programs.  Work  with  Java, 
J2EE,  Weblogic.  JBOSS,  JSP, 
Oracle  and  HTML.  Mail  resume, 
references  and  salary  require¬ 
ments  to:  Prudent  Technologies, 
Inc.,  8413  W.  145th  Terrace, 
Overland  Park,  KS  66223. 

Lead  Developer  -  Boca  Raton, 
FL:  Design  8  develop  packaged 
8  system  software.  Propose  8 
implement  software  enhance¬ 
ments  to  meet  production 
schedule.  Analyze,  develop  8 
implement  algorithms.  Test  8 
solve  technical  issues.  Must 
have  BS/BA  or  foreign  degree 
equiv.  in  Computer  Science;  2-yr 
exp.  in  job  or  2-yr  exp.  as 
Developer.  Must  have  exp.  in 
VC++,  SQL,  C++,  IIS,  ASP, 
DMO,  ADO,  HTML,  DCOM, 
MTS.  ATL.  Windows  NT  8  UNIX. 
F/T  40/wk,  9am-5pm  M-F. 
Comp  $60K/yr  Resumes  to: 
HR,  Software  FX,  Inc.  5200 
Town  Center  Circle,  Tower  1  - 
#450,  Boca  Raton,  FL  33486. 

Instructor,  Technical  Train¬ 
ing  -  wanted  by  technical 
train.  &  consulting  co.  in 
Plantation,  FL  to  dev.  course 
curriculum  &  provide  inst¬ 
ruction  to  Programming  stu¬ 
dents  in  Visual  C++,  Micro¬ 
soft  NET,  Visual  Basic, 
Compact  framework  & 
WinCE  .NET.  4  yrs  exp. 
req'd  as  instructor  in  listed 
skills.  Send  resume  only  to 
HR  -  Technical  Training 
Instructor,  8211  W.  Broward 
Blvd.,  Suite  210,  Plantation, 
FL  33324. 

WEB  DEVELOPMENT 
ANALYST  III 

ADT  Security  Services,  Inc.  has 
multiple  openings  in  Boca 
Raton.  Florida  for  Web  Develop¬ 
ment  Analysts  III. 

Analyze  business  procedures 
and  problems  to  develop  specifi¬ 
cations  and  convert  them  to  pro¬ 
grammable  form  for  electronic 
data  processing.  Confer  with 
organizational  units  involved  to 
determine  specific  web  output 
requirements.  Study  existing 
data  systems  to  evaluate  effec¬ 
tiveness  and  develop  new,  or 
modify  current,  web  systems  to 
improve  production  workflow. 

Must  possess  at  least  a  bache¬ 
lor's  or  its  equivalent  in  Com¬ 
puter  Science  or  a  related  field, 
and  relevant  work  experience. 
Experience  must  include  J2EE 
Certification  (Sun  Microsystems, 
etc.):  web  development  experi¬ 
ence,  including  Electronic  Data 
Interchange  (EDI);  and  experi¬ 
ence  with  Oracle,  SQL, 
WebSphere  Administration  and 
XSLT. 

Resume  and/or  cover  letter 
must  reflect  each  requirement 
above  and  specify  reference 
code  WDA/SSS  or  it  will  be 
rejected. 

Forward  resume  to  Theresa 
Maia,  ADT  Security  Services, 
Inc.,  One  Town  Center  Road, 
Boca  Raton,  FL  33486. 

Computer  Professionals 
(Multiple  Openings) 

Software  Engineer/Systems 
Analyst/Database  Administra¬ 
tor/Network  Administrator. 
Milwaukee,  Wl. 

Must  have  bachelors  degree 
or  equivalent  and  experience 
in  some  of  the  following  skills: 

C/C++,  Java,  Web  Methods, 
Cold  Fusion,  Microsoft  Technol¬ 
ogies  (Visual  Basic,  .NET,  ASP) 
CRM  (Siebel,  Clarify.  Vantive), 
Middle  Ware  Technologies 
(Orbix,  Corba,  Tibco,  Vitria)  Data 
Ware  Housing  Tools  (Informati- 
ca,  Data  Stage,  Abinitio,  Busi¬ 
ness  Objects,  Cognos,  Micro 
Strategy.  Brio)  ERP  (SAP, 
People  Soft,  Oracle  Apps, 
Baan),  Mainframe  (Cobol,  CICS, 
JCL,  VSAM)  AS400,  Ecom- 
merce.  Databases  (SQL  Ser- 
ver/Oracle/DB2/Sybase), 
Microsoft  Windows(95/98/NT/ 
2000, Exchange),  UNIX  (Sun 
Solaris,  HP,  AIX),  Linux  and  QA 
(Win  Runner,  Load  Runner,  Silk, 
Quickpro,  Manual  Testing). 

Position  requirement:  Must  be 
willing  to  travel  and  /or  relo¬ 
cate  per  project  specification 

Mail  your  resumes  to: 

iobs(5)iksolutionsinc.com 

or 

Human  Resource  Director 

IK  Solutions  Inc. 

1840  N.  Farwell  Ave. 

Suite  #  306 

Milwaukee,  Wl  53202 

Network  Administrator  Admi¬ 
nister,  maintain,  support  8 
develop  the  school's  databases 
8  servers  for  finance,  raisers 
edge,  education,  library,  8  other 
programs.  Work  in  a  Mac/ 
Windows  environment,  create 
and  maintain  firewalls,  intrusion 
detection  systems,  web  blocker, 
storage  area  networks,  VPN's, 
WAN  8  LAN  connectivity. 
Develop  8  implement  Veritas 
Backup  Exec  recovery  proce¬ 
dures  inc.  backups  8  recovery 
testing.  Implement,  maintain  8 
support  wireless  routers,  brid¬ 
ges,  access  points  8  wireless 
network  (801.11b  and  802. 1 1  g) 
for  School  Buildings.  Must  have 
at  least  a  Bachelors  Degree  or 
Foreign  Equiv.  in  Eng.  Or  in  a 
related  field8  2  yrs.  of  exp.  or  2 
yrs.  of  exp.  in  a  related  position 
w/ability  to  use  Visual  Basic, 
Macintosh/Windows,  Veritas 
Backup,  VPN's  8  Storage  Area 
Networks.  40  hrs./wk.  8  AM  - 
5PM.  Send  resumes  to  HR-IT 
Mgr.  Mt.  Vernon  Presbyterian 
School,  471  Mt.  Vernon  Hwy., 
Atlanta,  GA  30328. 

Positions  opening  for  (a)  IT 
Instructor  who  must  have  M.S  in 
C.S  8  3  yrs  exp  in  teaching 
instructor  led  courses  and 
imparting  technical  training  in 
Sun  technologies  like  Arch¬ 
itecture  of  J2EE  Applications, 
JAVA,  Servlets,  EJB,  JSP,  Point 
base,  XML  and  Object  Oriented 
programming,  b)  Senior  Syst¬ 
ems  Engineer  who  must  have 
B.S  in  Computer  Information 
Systems  or  equiv  8  5  yrs  experi¬ 
ence  in  File  NET  Products 
Installation,  advanced  System 
Support  and  Administration 
including  Panagon  IS,  CS, 
Report  Manager,  eProcess  and 
Client  products  like  Capture  and 
IDM  with  Web  services.  Should 
have  hardware  maintenance 
experience  on  File  Net  Juke¬ 
boxes,  knowledge  of  Kofax 
product  support  will  be  required. 
Please  send  resumes  only  to 
President,  Guru  Software 
Services,  Inc.,  12700  Century 
Drive,  STE#  B,  Alpharetta,  GA 
30004.  identifying  interested 
position(s).  EOE 

Computers-Seeking  qualified 
candidates  for  senior  and  mid¬ 
level  IT  professional  positions 
including:  Programmer  Ana¬ 
lysts,  Software  Engineers,  Net¬ 
work  Administrators,  Systems 
Analysts.  Qualified  candidates 
must  possess  MS/BS  or  equiv. 
and/or  rel.  work  exp.  Duties 
include:  Work  with  3  of  the  fol¬ 
lowing:  SAP,  ABAP,  XML, 
Siebel,  Oracle,  C,  C++,  PL/ 
SQL,  peopleSoft,  Unix.  Fwd 
resume  8  references  to: 
Halcyon  Solutions  Inc.,  Attn: 
HR,  950  Taylor  Station  Rd., 
#D,  Columbus,  OH  43230. 

Research  Computer  Services  is 
seeking  Software  Engineers  for 
various  locations  throughout  the 
U.S.  Current  positions  available 
in  our  Dayton,  OH  8  Atlanta,  GA 
offices.  MS  or  equiv.  and/or  rel. 
work  exp.  Part  of  the  req.  rel. 
work  exp.  must  include  1  yr 
working  w  /  C/C++.  Duties 
include:  Design  8  develop  appli¬ 
cation  software;  interface  w/ 
customers  8  vendors;  Trouble¬ 
shoot  8  provide  product  support, 
analysis,  8  resolution.  Work  w/ 
C/C++,  NET,  8  XML.  Send  res., 
ref..  8  sal.  rea.  to  resumes® 
davtonrcs.com  or  fax  to  937- 
445-5011.  Please  mention  Job 
Code  SDAY797  for  Dayton  or 
#ATL798  for  Atlanta  position. 

Synergy  has  multiple  openings 
for  IT  professionals.  Qualified 
applicants  must  have  BS  with 
substantial  experience.  Strong 
background  in  SAP,  SQL,  ERP. 
VB,  TCP/IP  Suite,  Oracle  is  plus. 
Send  resumes  to  hr@synergy- 
com.com.  Travel  is  required  for 
some  positions.  Sponsor  GC. 
EOE.  No  calls. 

Golden  Way  Security  is  hiring  IT 
professionals  to  handle  software 
and  computer  issues  in  mort¬ 
gage  areas  including  web-based 
application  design.  BS  with 
some  experience  are  the  mini¬ 
mum  requirement.  Please  send 
resumes  to  28125  W.  Seven 
Mile  Rd..  Livonia,  Ml  42152. 
EOE. 

The 
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Title:  Latin  America  Dealer 
Sales  Manager 

Summary  of  Responsibilities 
Perform  a  number  of  duties  with 
very  limited  support.  Must  have 
a  good  understanding  of  all 
facets  of  the  company's  busi¬ 
ness  and  the  tech  industry 
Responsible  for  developing  and 
supporting  all  areas  of  dealer 
network  in  Latin  America  and 
Caribbean  territories.  Managing 
relationships  that  don't  always 
have  similar  goals.  Extensive 
travel  to  support  the  channel 
with  sales  activities  and  the 
management  of  other  business¬ 
es.  Will  serve  as  liaison  between 
the  company  and  the  channel 
with  the  knowledge  and  ability  to 
educate  the  company  as  well  as 
develop  the  Latin  American  and 
Caribbean  territories.  Also 
responsible  for  creating  and 
executing  a  business  plan  that 
grows  the  company's  market 
presence  while  increasing  rev¬ 
enue,  profitability  and  maintain¬ 
ing  customer  satisfaction.  Pos¬ 
ition  based  in  Boca  Raton,  FL. 

Requirements:  Rqrs  Bachelor's 
degree  in  Business  Admin¬ 
istration  or  related  or  equivalent. 
Also  rqrs  5  yers  exp  with  soft¬ 
ware  manufacturing.  Requires  a 
solid  understanding  of  the  high 
tech  industry;  a  good  under¬ 
standing  of  the  cultures  &  busi¬ 
ness  environments  in  the  Latin 
America  and  Caribbean;  must 
be  self  starter  with  the  ability  to 
develop  creative  solutions  to 
support  inexperienced  dealer 
channel  with  limited  resources 
and  support;  must  have  the  abil¬ 
ity  to  motivate  people;  must 
have  dealer  management  expe¬ 
rience;  must  have  Time  and 
Labor  experience;  and  must  be 
able  to  speak,  read,  and  write 
English,  Spanish,  and  Port¬ 
uguese.  Required  to  travel  up  to 
60%  of  the  time  in  Latin 
America,  Caribbean,  and  US. 

Please  submit  your  resume  and 
salary  requirements  to:  Thomas 
Bartiromo,  at  corporateemp@- 
kronos.com  or  Kronos,  Inc.,  297 
Billerica  Road,  Chelmsford,  MA 
01824.  Applicants  must  have 
proof  of  legal  authority  to  work  in 
US. 


Systems  Analysts  (GA)  Develop 
program  specifications  based  on 
broad-level  designs.  Develop  & 
analyze  program  specifications 
based  on  desired  functionality. 
Code,  test,  debug  &  trou¬ 
bleshoot  a  variety  of  products  in 
client  server  environments  using 
AS/400,  OS/400,  RPGIV/ILE, 
SQL/400,  CL/400,  DB2/400, 
JSP,  JAVA  AND  C,  or  COBOL. 
Perform  change  &  impact  analy¬ 
sis,  BS/MS  in  Comp  Science, 
any  Engg  or  related  field  &  rele¬ 
vant  experience  required.  Send 
resume  to  Vivian  Fernandes  at 
MBT  International,  Inc.,  400 
Perimeter  Center  Terrace,  NE, 
Ste.  900,  Atlanta,  GA  39346. 


IT  PROFESSIONALS 

Senior  Consultant 

Position:  Senior  Consultant 
(Glen  Mills,  Pennsylvania  and 
other  locations  through  the 
U.S.).  Responsible  for  the  de¬ 
sign  and  implementation  of  lead¬ 
ing  business  application  soft¬ 
ware  to  provide  business  solu¬ 
tions  for  clients  in  a  wide  range 
of  industries.  Engage  in  the 
design  and  implementation  of 
CRM  (Customer  Relationship 
Management)  systems  utilizing 
Siebel  and  Enterprise  Resource 
Planning  solutions  utilizing  SAP 
R/3.  Responsible  for  the  design, 
development,  customization, 
and  implementation  of  applica¬ 
tions  using  Siebel  enterprise 
application  products  and  tools 
such  as  Siebel  Sales  Enterprise, 
as  well  as  Siebel  EIM  (Enter¬ 
prise  Integration  Manager)  and 
Siebel  Enterprise  Application 
Integration.  Involved  in  integra¬ 
tion  projects  using  Siebel  Enter¬ 
prise  Application  Integration  and 
Siebel  tools.  Responsible  for 
planning  and  scoping  and  defin¬ 
ing  functional  requirements 
using  SAP  R/3.  Responsible  for 
customizing  Production  Plan¬ 
ning  (PP).  Batch  Management 
(BM)  and  Quality  Management 
(QM)  modules  for  implementa¬ 
tion  using  SAP  R/3. 

The  wage  offered  is  $91,971  per 
year.  The  work  schedule  is 
Monday-Friday.  9:00  am  to  5:00 
pm.  The  minimum  requirements 
are  as  follows:  Bachelor’s  de¬ 
gree  or  equivalent  in  Computer 
Science,  Math.  Engineering 
(any),  Information  Systems  or 
Business  Administration  +  5 
years  of  experience  in  the  job 
offered  or  5  years  of  experience 
as  a  Senior  Consultant,  Siebel 
Consultant/Team  Lead.  Engin¬ 
eer  or  Process  Engineer.  Em¬ 
ployer  will  regard  a  foreign  de¬ 
gree  to  be  equivalent  to  a  U.S. 
Bachelor's  degree  as  deter¬ 
mined  by  an  accredited  creden¬ 
tials  evaluation  service.  Related 
experience  must  include  at  least 
1  year  of  experience  in  Custom¬ 
er  Relationship  Management 
(CRM),  Siebel  Sales  Enterprise, 
Siebel  EIM  (Enterprise  Integra¬ 
tion  Manager),  SAP  R/3  includ¬ 
ing  PP  (Production  Planning), 
BM  (Batch  Management),  and 
QM  (Quality  Management)  mod¬ 
ules. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number  WEB- 
405169  to  the:  PA  Careerlink, 
FLC  Unit  235  W.  Chelten 
Avenue,  Philadelphia,  PA  19144 
EOE. 


SYSTEMS  ANALYST  need¬ 
ed  w/exp  in  Oracle,  SQL 
Server,  XML,  Visio,  Erwin  & 
Crystal  Reports.  Design, 
develop  &  code  the  conver¬ 
sion  process  between  data¬ 
base  applic.  using  PL/SQL 
&  DW  technologies.  Send 
resumes  to:  Empower 
Technology  Solutions  Inc., 
120  Quarry  Dr.,  2nd  fl., 
Milford,  MA  01757.  No  in 
person  interviews/resumes; 
only  respond  by  mail. 
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SEMINARS  EVENTS 


Network  World  Seminars 
and  Events  are  one  and  two- 
day.  intensive  seminars  in 
cities  nationwide  covering 
the  latest  networking  technologies.  All  of  our  seminars  are 
also  available  for  customized  on  site  training.  For  complete 
and  immediate  information  on  opr  current  seminar  offerings, 
call  a  seminar  representative  at  800-643-4668.  or  go  to 
www.nwfusion.com/seminars. 


Publicize  your  press  coverage  in  Network 
World  by  ordering  reprints  of  your  editorial 
mentions.  Reprints  make  great  marketing 
materials  and  are  available  in  quantities  of 
500  and  up.  To  order,  contact  Reprint 
Management  Services  at  (717)  399-1900  x129 
or  E-mail:  mshober@reprintbuyer.com 


»  SECURITY  »  WIRELESS  »  collaboration  &  VoIP 

»  INFRASTRUCTURE  &  SERVICES  »  PERFORMANCE  &  DATA  CENTER 


Your  role  is  expanding. 

As  business  infrastructure  moves  to  the  forefront,  your  company 
relies  on  you  to  keep  existing  systems  at  peak  performance  while 
tackling  a  broad  range  of  new  requirements.  Securing  wireless 
networks,  implementing  collaboration  technologies,  improving 
regulatory  compliance,  ensuring  business  continuity — all  while 
doing  more  with  less. 

Enterprise  challenges  demand 
end-to-end  solutions. 

As  networking  and  communications  professionals,  you  need  to 
focus  on  an  end-to-end,  system-wide  approach  when  building 
and  optimizing  your  business  infrastructure: 

»  Security  »  Performance 

»  Wireless  »  Data  Center  and  Storage 

))  Collaboration  and  VoIP  ))  Infrastructure  and  Services 


Visit  INTEROP.com  for  details  and  registration. 

Save  up  to  $200 — Register  by  April  9. 

Use  Priority  Code:  ADAPZ1ND 


Put  it  all  together. 

Only  NetWorld+Interop  brings  you  the  latest  strategies,  techniques 
and  products  for  every  point  in  your  infrastructure — and  shows 
you  how  they  can  add  up  to  an  integrated,  end-to-end  solution 
that  meets  every  requirement  on  your  list. 

Make  the  connection  at  NetWorld+Interop. 

For  17  years,  NetWorld+Interop  has  helped  networking 
professionals  take  their  enterprises  and  their  careers  to  the  next 
level.  At  NetWorld+Interop  Las  Vegas  2004,  you'll  make  the 
industry's  best  ideas  and  latest  technologies  relevant  to  your 
needs,  and  discover  that  even  the  toughest  networking  challenge 
is  all  in  a  day's  work. 
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Security 

continued  from  page  1 

tracking  technology  “We  finally 
have  the  tools  to  look  at  these 
insider  security  issues.” 

This  new  generation  of  content 
and  audit  tools  represents  a  clear 
change  from  the  past.  “We’ve 
always  had  network  forensics 
tools,  like  those  from  Niksun, 
[Network  Associates’]  Infini- 
stream  or  [Computer  Associ¬ 
ates']  SilentRunner,  that  sniff 
everything,”  Mogull  says.  While 
great  for  a  rear-view  mirror 
analysis,  they  lack  the  real-time 
alert  capabilities  going  into  these 
newer  content  monitoring  and 
audit  products,  he  says. 

Pressure  to  watch  for  so-called 
information  leakage  is  coming 
from  a  host  of  laws  requiring 
companies  to  safeguard  finan¬ 
cial  and  customer  information, 
including  the  Gramm-Leach- 
Bliley  Act,  Sarbanes-Oxley  Act, 
Health  Insurance  Portability  and 
Accountability  Act  (HIPAA)  and 
California’s  Database  Protection 
Act  of  2003.  What’s  more,  out¬ 
sourcing  is  putting  more  busi¬ 
ness  data  in  the  hands  of  insiders 
outside  the  company 

Burton  Group  analyst  Trent 
Henry  says  the  content-tracking 
vendors  “tackle  a  different  prob¬ 
lem  than  intrusion-detection  sys¬ 
tems  [IDS]  .They  look  at  informa¬ 
tion  flow  and  actual  content.” 

But  the  technology  is  still  new, 
faces  the  same  questions  of  false 
positives  that  dog  IDS,  and  does¬ 
n’t  yet  let  the  transmission  of  un¬ 
authorized  content  be  blocked. 
Regarding  the  latter,  vendors 
such  as  Vontu  say  their  road 


maps  call  for  content  blocking  in 
the  future. 

As  with  any  nascent  market, 
customers  can  expect  the  usual 
rise  and  fall  of  the  start-ups,  with 
some  being  bought  by  larger  net¬ 
work  vendors  and  others  simply 
dying  out.  “There  will  be  shake¬ 
outs,”  Henry  says. 

Henry  and  Mogull  say  out¬ 
bound  content-tracking  might 
end  up  as  part  of  multi-function 
gateways  involved  in  other  types 
of  content  inspection,  such  as 
anti-spam  and  Web  monitoring. 

Meeting  a  need 

While  there  might  not  be  many 
companies  using  content-track¬ 
ing  technologies  today,  such 
offerings  clearly  are  answering  a 
need. 

Storage  network  vendor  Mc- 
Data  uses  Vericept’s  server-based 
software  to  look  for  predeter¬ 
mined  types  of  confidential  in¬ 
formation  that  should  be  restrict¬ 
ed,  which  helps  McData  comply 
with  the  California  data-protec- 
tion  laws  and  other  regulations. 

“It  accurately  monitors  all  com¬ 
munications  across  our  net¬ 
work,”  says  Paul  Brothe,  director 
of  internal  audit  at  McData. 

Many  corporations  are  in  kick- 
ing-the-tires  mode.  William  Boni, 
Motorola’s  chief  information 
security  officer, says  his  company 
is  looking  to  see  if  any  of  the 
products  would  fit  his  global  net¬ 
work,  which  supports  100,000 
users  and  numerous  business 
partners. “The  concern  is  prema¬ 
ture  leakage  of  key  forms  of  digi¬ 
tal  intellectual  property?’  he  says. 

Start-up  Intrusic  focuses  on  the 
insider  threat  by  assuming  there 


Identity-based  firewall 


Start-up  Trusted  Network  Technologies  blends  identity  management  with  firewalling 
for  internal  corporate  use. 


Customers  use  the  1-Manager  appliance 
to  associate  identity-based  information 
in  LDAP  or  Active  Directory  with  file  and 
server  resources  on  a  walled-off  LAN 
behind  the  1-Gateway  appliance. 


Clients  with 
Host  software 


Clients  with  1-Host  software  request 
access  to  walled-off  resources,  which  the 
1-Gateway  grants  or  denies. 


Servers  holding  high-value  information 


Mi 


When  employees  leave  the  organization 
their  privileges  are  terminated  across  the 
organization  the  minute  the  name  is  pulled 
out  of  the  directory  or  otherwise  modified. 


are  compromised  computers  on 
the  network  so  none  of  them 
should  be  trusted. 

“A  typical  hacker  is  masquerad¬ 
ing  as  an  insider,”  says  Bruce 
Linton,  CEO  of  Intrusic. The  com¬ 
pany’s  server-based  Zephon  soft¬ 
ware  ferrets  out  intruders  —  and 
questionable  network  use  by 
employees  —  by  copying  and 
analyzing  business  traffic  at  the 
application  level  to  spot  unusual 
patterns. 

“1  found  a  lot  of  people  had 
created  outbound  reverse  tun¬ 
nels  going  to  their  home  PCs, 
totally  bypassing  the  network 
security  architecture,”  says  John 
Burke,  CIO  at  Boston’s  Caritas 
Christi  Healthcare,  which  oper¬ 
ates  a  chain  of  six  hospitals. 
“With  Intrusic,  you  can  tell  when 
someone  is  sending  a  lot  of  data 


InfiniBand 

continued  from  page  12 

bit/sec  connections  in  a  6U  chassis.  The  switch, 
which  Topspin  says  is  in  trials,  will  be  available  by 
the  end  of  next  month.  It  will  be  priced  starting  at 
about  $300  per  port.A  fully  loaded  switch  with  fault 
tolerance  will  cost  around  $1,000  per  port, says  Stu 
Aaron,  vice  president  of  marketing  and  business 
development  at  Topspin. 

Both  companies  aim  to  relieve  the  headache  of 
having  to  manage  a  mass  of  cables  as  customers 
roll  out  increasingly  large  InfiniBand  clusters  and 
find  they  have  to  deploy  multiple  switches. 

Aaron  says  Topspin  is  aiming  for  the  “sweet  spot” 
of  clustered  deployments  with  the  Topspin  270, 
pointing  to  a  recent  IDC  survey  that  found  that  82% 
of  all  high-performance  computing  clusters  are  96 
nodes  or  fewer. 

Arun  Jain,  vice  president  of  marketing  at  Voltaire, 
says  Voltaire’s  customers  are  asking  for  even  larger 
switches. 

“InfiniBand  had  for  all  practical  purposes  died, 
but  it’s  now  showing  signs  of  revival,”  says  Arun 
Taneja  of  Taneja  Group,  noting  that  in  recent 


months  all  the  major  systems  vendors  have  inked 
deals  with  Topspin  to  incorporate  InfiniBand  fea¬ 
tures  in  their  servers. 

“With  companies  coming  out  with  larger  switch¬ 
es,  it  means  customers  are  using  InfiniBand  to 
build  larger  and  larger  clusters,  and  that’s  a  good 
sign,”  he  says. 

Matt  Leininger,  computer  scientist  and  principal 
member  of  the  technical  staff  at  Sandia  National 
Laboratories  in  Livermore,  Calif.,  says  the  lab  likes 
InfiniBand  because  it  offers  the  same  type  of  open, 
commodity  features  as  Ethernet,  but  delivers  the 
high  bandwidth,  low  latency  and  low  CPU  over¬ 
head  capabilities  that  clusters  need  —  and 
Ethernet  can’t  provide. 

Today,  Sandia  runs  a  128-node  InfiniBand  cluster 
using  a  96-port  Voltaire  switch  and  a  32-port 
Infinicon  switch.  It  plans  to  bring  in  Voltaire’s  ISR 
9288  to  reduce  the  number  of  switches  and  sup¬ 
port  the  cluster  as  it  grows. 

“We  want  to  have  all  the  nodes  on  a  single 
switch,”  Leininger  says.“It  just  makes  it  much  easier 
to  manage.  You  have  much  lower  failure  rates 
[because  you  aren’t  dealing  with  device  cables] , 
and  you  don’t  have  as  many  cables.”  ■ 


out  to  the  Internet.  It  identified 
the  anomalies  that  need  to  be 
investigated.” 

Burke  says  Intrusic’s  technology 
contributes  to  the  effort  at  Caritas 
Christi  to  comply  with  the  HIPAA 
rules  to  protect  patient  data  and 
keep  a  good  audit  trail,  adding, 
“HIPAA  wouldn’t  exist  if  health¬ 
care  had  taken  a  more  stringent 
approach  to  security  previous!/ 
he  says. 

TNT  debuts 

The  need  to  tighten  access  to 
the  most  important  corporate 
data  and  produce  an  audit  trail 
related  to  content  is  also  the 
concern  of  another  start-up, 
Trusted  Network  Technologies 
(TNT).  The  company,  fueled  by 
$18  million  in  venture  capital 
from  Charles  River  Ventures, 
Flagship  and  JK&B,  last  week 
announced  its  first  product, 
called  Identity. 
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President  and  CEO  Steve  Gant 
says  the  “identity-based  firewall” 
sits  in  front  of  LAN  segments 
holding  high-value  servers,  let¬ 
ting  clients  running  I-Host  soft¬ 
ware  access  the  resources  only 
after  their  credentials  have  been 
checked  (see  graphic). 

“This  was  developed  for  the 
inside  because  there’s  a  shift  to 
asset-centric  security  where  the 
data  resides,”  Gant  says. 

Payment  services  provider 
Certegy  has  been  testing  Identity 
to  use  it  to  guard  critical  finan¬ 
cial  data.  “It’s  like  a  regular  fire¬ 
wall,  but  it’s  tied  to  identity  in  a 
different  way”  says  Wayne 
Proctor,  chief  information  secu¬ 
rity  officer  at  Certegy  “Hackers 
pride  themselves  on  getting  to 
the  box,  but  with  TNT  they  can’t 
see  the  box.”  ■ 
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Management  of  the  networked  infrastructure 
has  become  fundamentally  more  complex. 
This  is  true  because  both  the  number  and 
complexity  of  the  active  elements  in  net¬ 
works  today  are  higher  than  ever.  Historically, 
management  of  the  network  was  focused  on 
maintaining  the  health  of  the  individual  ele¬ 
ments  within  a  network,  assuming  that 
keeping  each  element  healthy  would  guar¬ 
antee  the  health  of  the  overall  network. 
With  the  expanding  functions  and  changes 
in  network  designs,  this  way  of  network 
management  falls  short. 

This  SPECIAL  REPORT  written  by 
Dennis  Drogseth,  Steve  Hultquist  and 
Jeffrey  Nudler  of  Enterprise  Manage¬ 
ment  Associates,  focuses  on  the  issues 
of  data  collection,  analytics  and 
thresholds  as  they  impact  network 
monitoring.  Because  they  represent 
the  three  single  most  critical  areas 
requiring  both  technology  innovation 
within  the  vendor  community  and 
strategic  solution  planning  from  an 
IT  adoption  perspective,  it  is  impor¬ 
tant  that  these  areas  are  understood  and  used 
as  focus  areas  in  the  development  of  network 
management  systems  (NMS)  and  network 
management  planning. 
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Name  that  product 

Can  you  match  the  code  names  with  the  actual  product 
names  for  these  past  and  present  IT  offerings? 

A.  BFR  (Big  F***  —  or  Fast  — 


Code  names 

continued  from  page  1 

in  them,”  Fbwer  says. 

One  of  the  most  common 
requests  he  gets  from  customers 
is  to  assign  the  plastic  fins  a  part 
number, so  they  can  be  ordered 
from  IBM’s  product  catalogue. 

While  most  technology  com¬ 
panies  do  not  have  official  poli¬ 
cies  on  how  they  create  product 
code  names,  they  are  almost 
always  dreamed  up  by  engi¬ 
neers  with  the  understanding 
that  the  code  names  will  be  for 
internal  use  only  It’s  assumed 
the  company  eventually  will 
develop  a  name  for  the  product 
that  can  be  trademarked. 

Though  larger  companies 
sometimes  tell  their  develop¬ 
ment  teams  to  pick  code  names 
that  have  not  been  trademarked 
—  geographical  locations  or 
species  of  fish,  for  example  — 
engineers  typically  are  given  lati¬ 
tude  in  the  names  they  can  use. 
This  is  because  employers  know 


Got  great  ideas 


■  Network  World  is  looking 
for  more  Wider  Net  stories.  If 
you  have  a  story  idea  about  an 
offbeat  network  industry- 
related  topic  or  a  fascinating 
personality  we  should  profile, 
contact  Bob  Brown  at 
bbrown@nww.com. 


that  a  popular  code  name  can 
help  engineering  teams  build  an 
emotional  attachment  to  the 
product,  says  Burt  Alper,  the 
founder  of  Catchword  Branding, 
a  consulting  firm  that  provides 
technology  companies  with 
advice  on  naming  products. 

Most  marketing  folks  think  the 
code  name  will  be  unceremoni¬ 
ously  dropped  once  the  compa¬ 
ny  goes  public  with  the  product’s 
brand  name,  Alper  says.  But 
some  products  are  the  subject  of 
such  intense  media  scrutiny  that 
their  code  names  take  on  a 
momentum  of  their  own.  And 
that’s  where  the  problems  begin. 

Take  Apple’s  Power  Macintosh 
7100.  Designed  in  the  early  1990s, 
it  was  code-named  Sagan  as  a  tip 
of  the  hat  to  the  noted  astron¬ 
omer,  Carl  Sagan.  But  when  Sagan 
heard  that  the  next  version  of  the 
Fbwer  Mac  was  going  by  his  fami¬ 
ly  name,  he  took  exception. 
Before  long,  Sagan’s  lawyers  were 
asking  Apple  to  change  the 
7 100’s  code  name.  Apple  com¬ 
plied,  but  the  product’s  new  code 
name,  BHA,  which  was  widely 
taken  to  stand  for  “Butt-Head 
Astronomer^’  did  little  to  appease 
Sagan.  He  sued  Apple  in  1994, 
and  the  case  eventually  was  set¬ 
tled  out  of  court. 

Even  companies  that  try  to 
steer  away  from  code-name  trou¬ 
ble  can  find  themselves  in  rough 
waters.  For  example,  Intel  has 
mandated  that  its  engineers 
code-name  products  only  after 
geographic  locations,  which  gen- 
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B.  Carnivore 

C.  Columbus 

D.  Gibson 

E.  Mad  Hatter 

F.  NPL  (New  Product  Line) 

G.  Oak 

H.  Palladium 

I.  Stoned  Beaver 

J.  Utopia 


erally  cannot  be  trademarked. 
But  that  policy  didn’t  prevent  the 
folks  who  put  on  the  Tangle- 
wood  music  festival  in  western 
Massachusetts  from  asking  the 
chip  maker  to  rename  its  multi¬ 
core  Itanium  2  processor.  Last 
December,  Intel  changed  the 
product’s  code  name  from 
Tanglewood  to  Tukwila. 

Intel,  apparently  was  following 
the  same  strategy  that  Alper  rec¬ 
ommends  to  his  clients.“The 
counsel  we  provide  is  to  use 
code  names  that  are  so  ridicu¬ 
lous  and  so  ludicrous  that  you 
would  never  consider  launching 
them,”  he  says. 

Most  of  Alper’s  clients  realize 
that  hip  or  edgy  code  names 
like  Shark  or  Longhorn  general¬ 
ly  cannot  be  trademarked  and 
are  unlikely  to  make  it  past 


1.  Apple  iMac 

2.  Cisco  12000  Series  routers 

3.  FBI's  customized  network  sniffer 

4.  IBM  360  system 

5.  Java 

6.  Juniper  T640 

7.  Linux  2.6 

8.  Microsoft  Next-Generation 
Secure  Computing  Base 

9.  MS  Bob 


company  lawyers,  so  they  tend 
not  to  pay  much  attention  to  the 
code-naming  process.“Corpor- 
ate  folks  don’t  take  it  that  seri¬ 
ously  he  says. 

Eric  Allen,  a  research  scientist 
at  Sun  Labs,  says, “The  most 
important  aspect  of  a  code 
name  is  it  just  allows  us  to  talk 
about  the  project  we’re  working 
on  without  having  to  say  ‘the  pro¬ 
ject  we’re  working  on.’” 

Engineers  often  use  code 
names  as  a  way  to  flex  their  cre¬ 
ative  muscles,  he  says.  Java’s 
code  name  Oak  served  as  a 
metaphor  for  what  the  language 
was  designed  to  be. 

“It  gave  people  a  sense  of  the 
stability  and  safety  they  were  try¬ 
ing  to  build  into  the  language,” 
Allen  says.  He  adds  that  he 
would  love  to  see  the  code 


10.  Sun  Java  Desktop  System 
(6-r  'M  '8-H  ‘S-9  Vd  ‘01-3  ‘9-Q  VO  ‘£-9  'Z*V)  :sjbmsuv 


Science  center  switches  to  open  source 


■  BY  ANN  BEONARZ 

Mike  Hogarth  looked  to  open  source  soft¬ 
ware  when  he  decided  to  replace  a  6-year-old 
homegrown  portal  application  that  had 
become  too  cumbersome  to  maintain. 

“1  was  looking  for  a  basic  framework  on  top 
of  which  1  could  build  applications,”  says 
Hogarth,  a  faculty  member  in  the  school  of 
medicine  at  the  University  of  California,  Davis, 
and  a  lead  informaticist  at  the  Center  for 
Biophotonics.  He  wanted  the  framework  to  be 
standards-based  and  handle  functions  such  as 
user  group  management,  security  and  single 
sign-on. “These  are  things  I  wish  1  had  put  into 
my  original  portal,”  Hogarth  says. 

He  chose  software  from  Gluecode  Software 
and  is  in  the  process  of  launching  a  new  por¬ 
tal  for  the  Center  for  Biophotonics, a  UC  Davis- 
based  initiative  dedicated  to  exploring  the  use 
of  light  energy;  or  photons,  in  biological  sci- 
ence.The  porta!  is  aimed  at  letting  researchers 
from  all  over  the  world  share  their  findings 
and  collaborate  with  peers. 

Hogarth  is  using  Gluecode’s  Advanced 
Server  portal  software,  which  is  part  of  a  new 


suite  announced  last  week.  Gluecode  Enter¬ 
prise  Server  3.5  combines  the  vendor’s  enter¬ 
prise  portal  framework  and  security  manage¬ 
ment  tools  with  business  process  manage¬ 
ment  capabilities. 

Gluecode’s  products  are  built  on  open 
source  technologies  from  the  nonprofit 
Apache  Software  Foundation,  including  the 
Apache  Jetspeed  portal  project,  says  Winston 
Damarillo,CEO  of  Gluecode.  Enterprise  Server 
combines  technology  from  14  Apache  pro¬ 
jects  into  one  product,  Damarillo  says.  When 
users  buy  Gluecode’s  managed  open  source 
products,  they  get  the  run-time  and  the  full 
source  code. 

“It’s  open  source,  but  it’s  done  in  a  way  that 
is  different,”  Hogarth  says.  “You  get  access  to 
source  code,  but  you  pay,  which  is  fine  with 
me.  1  can  tweak  it,  I  can  really  see  how  it  was 
built.” 

Hogarth  is  focused  this  year  on  delivering 
new  portal  functions,  including  a  biophoton¬ 
ics  search  engine;  glossaries  tailored  to  end- 
user  groups;  and  analysis  tools  that  let  users 
map  published  biophotonics  work  to  re¬ 
searchers  working  in  the  field  to  find  scien¬ 


tists  who  might  be  working  on  compatible 
projects.  “The  discovery  of ‘who’s  doing  work 
in  my  area?’  tends  to  be  a  difficult  task,” 
Hogarth  says. 

Open  source  software  lets  Hogarth  migrate 
the  center’s  existing  “legacy-like”  application  to 
a  Java  2  Platform  Enterprise  Edition-based 
framework  and  focus  his  team’s  energies  on 
new  features  rather  than  code  maintenance, 
he  says. 

“1  don’t  see  value  in  supporting  my  own 
code  base  —  I  wouldn’t  have  the  resources  to 
support  60,000  lines  of  code  development,”  he 
says.“l  would  much  rather  focus  my  resources 
on  building  the  collaborative  features.” 

Gluecode  Enterprise  Server  3.5  costs 
$75,000  for  the  full  software  stack, plus  $4,000 
per  month  per  deployment.  Gluecode’s 
Advanced  Server  portal  software  starts  at 
$20,000  plus  $2,000  per  month,  per  deploy¬ 
ment. The  vendor  also  offers  a  free  download 
of  its  low-end  product,  Gluecode  Portal 
Foundation  Server. 

Gluecode,  which  launched  in  2001  and  is 
based  in  Los  Angeles,  recently  received  first- 
round  venture  funding  of  $5  million.* 


name  for  his  current  project  — 
an  advanced  programming  lan¬ 
guage  for  supercomputers  — 
eventually  become  a  product 
name,  but  he’s  not  sure  that  will 
ever  happen.  Allen  declines  to 
mention  the  code  name.Tm 
worried  about  a  Carl  Sagan-like 
incident,”  he  says. 

Still,  the  high-tech  industry 
might  be  more  fun  if  these  col¬ 
orful  names  stuck  around  after 
products  were  launched.  Shark 
inspired  IBM’s  competitor, 
StorageTek,  to  code-name  one 
of  its  low-end  disk  arrays  Orca, 
after  the  species  of  whale  that 
has  been  known  to  kill  sharks, 
according  to  Ray  Lucchesi,  the 
senior  strategic  business  devel¬ 
opment  manager  at  the  storage 
company 

“Once  a  product  is  code- 
named,  it  takes  on  a  life  of  its 
own,”  Lucchesi  says. 

That  was  certainly  the  case 
with  Apple  Computer’s  Mac¬ 
intosh,  Lisa  and  Newton  prod¬ 
ucts  as  well  as  Digital  Equip¬ 
ment’s  Alpha  line  of  processors 
and  servers,  all  of  which  ended 
up  adopting  their  code  names. 
IBM’s  Shark  is  unusual  in  that  it 
has  lingered,  even  though  the 
company  has  given  the  product 
an  official  product  name.  IBM 
even  mentioned  Shark  in  its  2000 
annual  report,  Power  says. 

“We’ve  probably  broken  every 
rule  of  Marketing  101,”  he  says. 
“I’ve  been  with  IBM  for  24  years; 
it’s  the  longest  I’ve  known  a  code 
name  to  last.” 

Power  says  he  still  occasionally 
gets  what  he  calls  “integrated 
marketing  and  communications 
grief”  at  IBM,  but  the  fact  that  cus¬ 
tomers  keep  bugging  his  sales 

force  for  those  shark  fins  and, 

«* 

more  importantly  buying  those 
storage  systems  allows  him  to 
keep  breaking  the  rules. 

Who  knows,  maybe  IBM’s 
Shark  success  will  lend  a  little 
more  color  to  an  industry 
whose  product  names  some¬ 
times  sound  like  the  unhappy 
result  of  a  stress  ball  dropping 
on  a  marketing  executive’s  key¬ 
board. 

After  all,  which  name  sounds 
better?  The  z990  or  T-Rex?  The 
Biglron  MG8  or  Mucho  Grande? 
Windows  for  Workgroups  3.1 1  or 
Snowball? 

McMillan  is  a  correspondent 
with  IDG  News  Service’s  San 
Francisco  bureau.  Network  World 
Senior  Editor  Deni  Connor  con¬ 
tributed  to  this  story. 

Get  more  information  online. 
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eNet  Tour  Schedule 

Tuesday,  May  11 

11:30  a.m.,  1:30  p.m.,  and  3:30  p.m. 

Wednesday,  May  12 
11:30  a.m.,  1:30  p.m.,  and  3:30  p.m. 

Thursday,  May  13 
FINAL  TOUR!  11:30  a.m. 

To  sign  up  for  a  free 
eNet  tour,  go  to 
www.interop.com/ 
Iasvegas2004/registration/ 

• 

eNet  Thanks  Its  Volunteers 

The  spirit  of  volunteerism  continues  to 
drive  the  installation  of  the  InteropNet. 
Throughout  the  InteropNet's  19-year  history, 
it  has  owed  many  thanks  to  its  ever-growing, 
dynamic,  and  resourceful  community  of 
expert  engineers.  Thank  you. 


"I  learned  more  in  a  week  at 
NetWorld+Interop  and  being 
involved  with  InteropNet  than  I 
learned  in  a  whole  year  at  school. " 

— Robert  Nagy,  Priority  Networks 


All  Points  Covered 

A  hand-selected  group  of  leading  vendors  will 
tackle  the  most  high-profile  assignment  in  the 
networking  and  communications — connecting  all 
of  NetWorld+Interop  Las  Vegas  2004 — in  just  four 
days.  This  next-generation  network  features  a 
custom-built  metro  area  network  to  access  multi¬ 
ple  services  including  the  latest  wireless  switching 
technology,  a  fully  integrated  VoIP  network,  high- 
bandwidth  Multicast  Video,  Internet  access  deliv¬ 
ering  services  to  more  than  250  exhibitors,  the 
educational  conferences,  meeting  rooms  and 
20,000  attendees.  Free,  eNet  engineer-led  tours 
offer  a  practical,  behind-the-scenes  view  of  one  of 
the  world's  largest  temporary  networks — you'll 
gain  an  intimate  understanding  of  the  eNet  from 
the  experts  who  built  it. 

The  Next-Generation 
Network 

The  eNet  is  a  highly  resilient  network  that  is  engi¬ 
neered  from  the  ground  up  using  Next- 
Generation  10-Gigabit  technologies  like  the 
Extreme  Networks,  BlackDiamond,  10808  core 
switch.  Modeled  after  metro  area  networks  that 
require  unprecedented  reliability  and  redundancy, 
the  eNet  supports  real-time  voice  and  video  traf¬ 
fic  with  SONET-speed  failover  on  standard 
Gigabit  and  10  Gigabit  Ethernet.  Protected  by 
EAPS  (RFC  3619  Ethernet  Automatic  Protection 
Switching)  the  eNet  delivers  its  high-availability 
services  with  failover  in  less  than  50ms. 


eNet  2004  Providers  include: 

Premier  Network  Hardware  Provider 


networks 


Providers 


Fiber  Optic  Cabling 

3M  Volition™ 

Testing  &  Troubleshooting 

f=L.UKE 

networks » 

Network-Critical 

Official  Internet 

Physical  Infrastructure 

Service  Provider 

APC 

cOptTGate 

Legendary  Reliability” 

VslN  etworks,  Inc. 

Next  Generation  Wireless 

Performance  Analysis 

AR"BA 

_ # — _ 

WIRELESS  NETWORKS 

SPIRENT 

Communications 

www.spirentcom.com 

VoIP 

Network  Security 

AVAyA 

Ov 

NETSCREEN • 

Network  Management  and  Service  Desk 


<£3)  Computer  Associates- 


New  Innovators 


WLAN  Monitoring 


AIRMAGNET 


IP  Route  Analytics 
Packet  Design 


Register  today  at  www.interop.com/lasvegas2004/registration/  My- 

^ ■■■■■■■■  TTir 


Copyright  ©  2004  MediaLive  International.  Inc.  795  Folsom  Street,  6th  Floor,  San  Francisco,  CA  941 07.  All  Rights  Reserved.  NL04-01 1 3. 

MediaLive  International,  NetWorld,  NetWorld+Interop,  Interop,  and  associated  design  marks  and  logos  are  trademarks  or  service  marks 

owned  or  used  under  license  by  MediaLive  International,  Inc.,  and  may  be  registered  in  the  United  States  and  other  countries  Other  jejfc  [\y]  ,-;J j  g  |_j  \yg 
names  mentioned  may  be  the  trademark  or  service  mark  of  their  respective  owners. 


www.nwfusion.com 

4/5/04 

1 

SackSpii 

II  Mark  Gibbs 

Wrapping  up  the  messaging  and 


hats  it  —  the  four-city  Network 
World  Messaging  and  Spam 
Tour  is  over.  If  you  were  one  of 
the  attendees,  thanks  for  coming.  If 
you  weren’t,  well, you  missed  some 
great  events. 

One  thing  we  do  at  these  events  is 
award  a  stupendous,  fantastic  prize 
for  the  best  question  put  to  the  panel,  and  on  this 
tour  we  got  some  great  questions! 

Looking  back,  it  is  interesting  to  identify  the 
queries  that  were  asked  most  often. Three  questions 
were  more  common  than  any  others. 

The  first  was  how  to  educate  users  about  spam.We 
explored  this  topic  extensively  both  publicly  and  in 
private  conversations  afterward,  and  it  is  apparent 
that  it  isn’t  a  simple  issue. 

The  main  difficulty  seems  to  be  how  much 
interest  your  users  have  in  the  spam  problem  and 
how  good  their  computer  skills  are.  Most  users 
are  too  busy  to  worry  about  how  to  drive  the 
spam-filtering  system. 

You  might  argue  that  they  should  be  interested,  but 
unless  you  have  a  remarkable  level  of  political 
power  in  your  organization, you  can  only  lead  the 
horse  to  water. These  people  need  to  have  minimal 
spam  training. 

For  staff  interested  and  capable, you  can  train  them 
to  whatever  level  is  most  useful  for  IT  to  get  the 


greatest  benefit  from  the  anti-spam  solution. 

So  what  do  you  tell  your  users  at  a  minimum?  The 
basic  need  is  for  them  to  understand  the  scale  of  the 
problem,  the  parts  of  your  acceptable  use  policy  that 
apply  to  spam,  and  how  to  avoid  compounding  the 
problem  (such  as  don’t  open  attachments  if  you 
don’t  know  what  the  attachment  is  for  or  its  format). 
In  other  words,  enough  to  be  informed  but  not  too 
much  to  lose  interest. 

The  second  top  question  concerned  spam  filter¬ 
ing:  How  do  you  filter  out  spam  but  minimize  false 
positives? 

The  answer  is,  it  requires  management.  Messages 
from  known  important  senders  must  be  added  to 
your  whitelist.  Messages  from  unknown  senders 
(such  as  potential  clients)  need  to  be  managed  in 
quarantine. 

There  is  no  silver  bullet  that  fixes  this  issue 
because  spam  is  an  evolving  problem. 

Our  third  top  question  was  how  to  get  the  re¬ 
sources  to  attack  the  problem.  In  many  companies 
this  is  a  political  problem  and  requires  that  you 
approach  the  keepers  of  the  corporate  purse  with  a 
well-argued  and  financially  sound  solution. 

I  recommend  starting  this  project  with  a  review  of 
how  your  messaging  systems  are  put  together  and 
how  they  are  performing.  If  you  check  out  the  latest 
interactive  version  of  my  spam  cost  calculator 
(www.gibbs.com/msg)  you’ll  see  that  there  are  a 


spam  tour 

score  of  parameters  you  can  use  to  build  your  case. 

In  the  model  (you  also  can  download  the  underly¬ 
ing  spreadsheet  from  the  same  location)  you  can 
tweak  the  parameters  and  explore  the  impact  of 
unfiltered  and  filtered  environments  on  the  costs  of 
connectivity  storage,  support  and  productivity 

Once  you  know  where  your  costs  lie  and  the  cost 
savings  of  spam  filtering, you  have  a  viable  argument 
to  take  to  the  powers  that  be  for  funding. The  spam 
problem  is  going  to  dominate  Internet  e-mail  to  with¬ 
in  a  few  points  of  100%  in,  at  best,  the  next  couple  of 
years. This  means  you  need  a  strategy 

Start  with  evaluating  and  modeling,  identify  a  solu¬ 
tion  to  address  the  problem, sell  that  solution  inter¬ 
nally  with  a  persuasive  financial  argument,  imple¬ 
ment  and  train  users,  and  then  keep  reviewing  and 
improving  your  solution. 

Spammers  are  not  passive  —  they  are  constantly 
researching  how  to  get  around  the  spam-filtering  sys¬ 
tems,  so  you  need  to  keep  refining  and  adapting 
your  approach. 

One  thing  is  certain  from  our  discussions  at  these 
events  —  it  is  highly  unlikely  the  spam  problem  will 
be  solved  in  the  near  future, so  the  only  practical 
approach  is  to  focus  on  defending  your  organiza¬ 
tion.  Now  is  the  time  to  start. 

Thanks  to  all  who  attended  the  tour  and  to  our  spon¬ 
sors.  Now  tell  me  your  plans  at  backspin@gibbs.com. 


By  Adam  Gaffin 

The  problem  with  Java 

Russell  Beatie  says  the  problem  with 
Java  isn’t  the  language  itself  but  com¬ 
puter-science  majors  who  insist  on  making  it  too  complex.  He  writes: 

"The  problem  is  that  much  of  the  Java  stuff  out  there  is  just  written  by  really 
smart  morons  who  seem  to  love  complexity  for  complexity's  sake.  Even  in  the 
API  itself!  Ever  used  the  Calendar  API?  It's  written  by  a  monkey.  Ever  check 
out  the  code  under  the  JSTL? Those  guys  have  to  be  on  crack.  It’s  not  the  lan¬ 
guage  itself  that  causes  these  problems,  it’s  the  culture  around  the  language. 
When  programmers  respect  patterns  more  than  solutions,  you  know  something 
is  broken." 

Read  his  rant  at  www.nwfusion.com,  DocFinder:  1438,  and  check  out  the 
comments,  including  this  one  from  a  guy  with  degrees  in  computer  science 
(CS)  and  software  engineering  (SE):  "CS  gives  us  things  like  Boyer-Moore 
search,  Bloom  filters  and  Lempel-Ziv  compression;  SE  gives  us  things  like 
Apache  and  Google.” 

But  what  do  you  really  think? 

Does  Beatie  know  Phil  Wainewright?  Wainewright  discusses  a  proposed 
Web-services  specification  from  IBM  and  BEA  Systems  called  BPELS: 

“6PELJ  is  a  sleazy  compromise  that  some  projects  will  be  tempted  to  adopt 
as  a  shortcut  to  reaching  a  working  solution. That’s  fine  so  long  as  those 
involved  remember  that  at  some  point  in  the  near  future  they’ll  have  to  go  back 
and  refactor  their  BPEL  code  to  replace  all  the  Java  snippets  with  proper  ser¬ 
vice  calls.  It  ranks  on  a  par  with  creating  an  enterprise  application  on  the 
assumption  that  you  can  add  internationalization  later  on. This  specification 
should  come  with  a  health  warning  slapped  on  the  side  of  it.” 


Read  more  of  his  comments  at  DocFinder:  1445.  Is  he  right?  Read  the  pro¬ 
posed  spec  at  www.nwfusion.com,  DocFinder:  1439. 

What’s  it  called? 

Surely  there’s  a  name  for  this  situation: 

You  cut  some  text  from  one  application  and  hit  the  buttons  to  paste  it  into 
another,  but  it  winds  up  in  an  instant-message  window  because  at  that  exact 
moment  one  of  your  IM  buddies  sent  you  a  message  and  you,  distracted  by  the 
keyboard  and  with  your  sound  off,  didn't  notice  the  window  popping  up. 

Virtual  reality  for  cancer  patients 

A  study  at  the  Duke  Comprehensive  Cancer  Center  showed  that  some 
breast-cancer  patients  undergoing  chemotherapy  experienced  less  fatigue  and 
fewer  side  effects  when  hooked  up  to  virtual-reality  systems  during  treat¬ 
ments,  according  to  NurseWeek  magazine: 

"On  the  first  day  of  treatment,  at  the  invitation  of  Linda  Hood,  nurse  coordi¬ 
nator  for  the  virtual  reality  project,  Oakley  [a  patient]  donned  a  pair  of  l-Glas- 
ses  SVGA,  or  audio/video  glasses,  positioned  a  pair  of  ear  pads  and  explored 
a  computer-generated  scuba  dive,  engaging  several  of  her  senses  at  once. . . . 
Schneider  took  care  to  select  the  proper  computer  simulations.  Simulations 
requiring  too  much  focus  on  details,  such  as  a  flight  simulator  or  a  game 
requiring  rapid  mouse  clicks,  can  be  overly  demanding  on  chemotherapy 
patients  or  produce  unwelcome  nausea.” 

Read  the  full  report  at  DocFinder:  1440. 

Gaffin  is  executive  editor  of  Network  World  Fusion.  Read  his  column  daily  at 
www.nwfusion.com/compendium/index.html.  Proving  nobody  can  fill  Paul 
McNamara's  shoes,  Gaffin  will  alternate  in  this  space  with  Fusion  Managing  Editor 
Melissa  Shaw  until  'Net  Buzz  returns. 
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The  NetVanta”  3000  Series  from  ADTRAN. 


Dare  to  Compare! 

NetVanta 

3305 

Industry-Leading 

Brand 

Dual  Network  Interfaces 

✓ 

$$$ 

Dual  Ethernet  Interfaces 

✓ 

$$$ 

Stateful  Inspection  Firewall 

✓ 

sss 

Command  Line  Interface  (CLI) 

✓ 

✓ 

Quality  of  Service  (QoS) 

✓ 

✓ 

VLAN  Trunking 

✓ 

✓ 

Virtual  Private  Networking  (VPN) 

$ 

$$$ 

Dial  Backup 

$ 

$$$ 

PBX  Connectivity 

$ 

sssss 

Unlimited  Telephone  Support 

Free 

$$$ 

Operating  System  Updates 

Free 

ssss 

Warranty 

5  Year 

1  Year 

Uncompromising  quality.  Affordable  price.  There's  no  better  value 
in  access  routers  than  the  NetVanta  3000  Series  from  ADTRAN. 


Using  a  NetVanta  3000  router,  you  can  outfit  a  remote 
location  with  complete  T1  voice  and  data  communications 
for  50%  less  than  you’re  accustomed  to  paying.  Loaded 
with  standard  features,  and  available  with  very  reasonably 
priced  options,  the  NetVanta  3000  Series  is  everything  you 
need  in  a  router  and  more.  Lower  price  isn’t  the  result  of 
cutting  corners — it’s  the  result  of  smart  engineering. 
Engineering  that’s  backed  by  a  100 %  satisfaction  guarantee 
from  ADTRAN,  including  unlimited  telephone  technical 
support  (before  and  after  the  sale),  free  ADTRAN  OS  updates, 
and  a  full  five-year  warranty.  Try  a  NetVanta  3000  router  today. 
And  start  getting  more  out  of  your  router  dollar. 

Why  pay  more? 


Take  the  CLI  Challenge!  Receive  a  free  T-Shirt! 

w  w  w.  a  dtran.  com/in  fo/wh  ypa  ymore 

877.767.6022  Technical  Questions 
877.280.8416  Where  to  Buy 


2M2 

XomiDunications 

SOLUTIONS 
Protect  M  Tie  Year 
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IBM  Express  Middleware:  Designed 
and  developed  for  midsize  companies. 

(IBM  muscle  for  less  moolah.) 


MIDDLEWARE  IS  POWERFUL  IBM  SOFTWARE.  The  kind  of  software  that  makes  your  applications  work  better  to  solve 
your  business  problems.  It’s  an  answer.  It's  IBM  DB2?  Lotus,®  Tivoli®  and  WebSphere®  And  in  the  form  of  the  IBM  Middleware 
Express  Portfolio,  it’s  now  more  accessible  than  ever  for  midsize  businesses. 

The  IBM  Middleware  Express  Portfolio  is  engineered  to  work  with  your  existing  business  applications  whether  they  run  on 
Windows?  Linux®  or  UNIX®  It’s  engineered  to  be  deployed  by  those  without  computer  science  degrees.  It’s  priced  to  put  a 
smile  on  Accounting’s  face.  It's  nimble.  Quick.  Flexible. 

Your  technology  will  work  harder  to  meet  the  demands  of  your  customers,  your  business  goals  and  your  industry’s  needs.  It  makes 
your  business  more  responsive  to  the  unforeseen.  Of  course,  all  of  this  is  easy  to  implement,  easy  to  install,  simple  to  maintain.  You 
need  to  learn  more.  To  find  an  IBM  Business  Partner  in  your  area,  visit  ibm.com/software/express 


DB2,  LlIus.  Tivoli  and  WebSphere  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Linux  is  a  registered  trademark  of  Linus  Torvalds.  Windows  is 
I'stered  trademark  of  Microsoft  Corporation  in  the  United  States  and/or  other  countries.  UNIX  is  a  registered  trademark  of  The  Open  Group  in  the  United  States  and/or  other  countries.  ©  2004  IBM  Corporation.  All  rights  reserved. 


